Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1554 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Openview Network Node Manager

CWE-119 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources
Severity
10.0CRITICALNVD
EPSS
81.4%
top 0.82%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Openview Network Node Manager
Timeline
PublishedMay 13
Latest updateMay 14

Description

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

β–ΆNVDhp/openview_network_node_manager7.0.1, 7.51, 7.53+2

πŸ”΄Vulnerability Details

2
GHSA
GHSA-jwpq-9gh6-w8cq: Stack-based buffer overflow in getnnmdata↗2022-05-14
β–Ά
CVEList
CVE-2010-1554: Stack-based buffer overflow in getnnmdata↗2010-05-13
β–Ά

πŸ’₯Exploits & PoCs

2
Exploit-DB
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe ICount' CGI Buffer Overflow (Metasploit)β†—2011-03-24
β–Ά
Exploit-DB
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid ICount Remote Code Execution↗2010-07-02
β–Ά

πŸ’¬Community

1
Bugzilla
CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 t1lib various flaws [fedora-all]β†—2012-01-10
β–Ά
CVE-2010-1554 β€” HP vulnerability | cvebase