Vulnerability Details : CVE-2010-1554
Public exploit exists!
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2010-1554
Probability of exploitation activity in the next 30 days: 96.65%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2010-1554
-
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
Disclosure Date: 2010-05-11First seen: 2020-04-26exploit/windows/http/hp_nnm_getnnmdata_icountThis module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted ICount parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com>
CVSS scores for CVE-2010-1554
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2010-1554
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-1554
-
http://www.securityfocus.com/archive/1/511249/100/0/threaded
SecurityFocus
-
http://zerodayinitiative.com/advisories/ZDI-10-085/
ZDI-10-085 | Zero Day Initiative
-
http://marc.info/?l=bugtraq&m=127360750704351&w=2
'[security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote' - MARC
-
http://www.exploit-db.com/exploits/14181
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid ICount Remote Code Execution - Windows remote Exploit
-
http://securityreason.com/securityalert/8154
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow - CXSecurity.com
Products affected by CVE-2010-1554
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*