Vulnerability Details : CVE-2011-3167
Public exploit exists!
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
Vulnerability category: Execute code
Products affected by CVE-2011-3167
- cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3167
95.79%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2011-3167
-
HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow
Disclosure Date: 2011-11-01First seen: 2020-04-26exploit/windows/http/hp_nnm_ovbuildpath_textfileThis module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based
CVSS scores for CVE-2011-3167
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2011-3167
-
http://www.securitytracker.com/id?1026260
HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://marc.info/?l=bugtraq&m=132017799623289&w=2
'[security bulletin] HPSBMU02712 SSRT100649 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote' - MARCVendor Advisory
-
http://securityreason.com/securityalert/8484
HP OpenView Network Node Manager (OV NNM) RemoteExecution of Arbitrary Code - CXSecurity.com
Jump to