Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1058 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Openview Network Node Manager

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

11.5%

top 6.37%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Openview Network Node Manager

Timeline

PublishedDec 11

Latest updateApr 30

Description

Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDhp/openview_network_node_manager4.11, 5.01, 6.1+2

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-x8mq-wjxq-q628: Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6↗2022-04-30

▶

CVEList

CVE-2000-1058: Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6↗2001-01-22

▶

💥Exploits & PoCs

Exploit-DB

HP OpenView Network Node Manager 6.10 - SNMP Denial of Service↗2000-09-26

▶