HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow

Added: 07/01/2010
CVE: CVE-2010-1552
BID: 40068
OSVDB: 64975

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending specially crafted act and app parameters to the snmpviewer.exe CGI program.

Resolution

Apply the patches referenced in HP Security Bulletin HPSBMA02527 SSRT010098.

References

http://secunia.com/advisories/39757/

Limitations

Exploit works on HP OpenView Network Node Manager 7.53.

On Windows Server 2003, Read and Execute privileges on the file %windir%\system32\cmd.exe must be granted to the Internet Guest Account IUSR_<computername> for the exploit to work properly. Note that users in the groups Users and Power Users don't have those privileges, but users in the groups Administrators and TelnetClients do.

Platforms

Windows

Back to exploit index