Signature Detail

APP: HP OpenView NNM snmpviewer.exe App Parameter Stack Buffer Overflow

This signature detects attempts to exploit a known stack buffer overflow vulnerability in HP OpenView Network Node Manager. It is due to a boundary error in the snmpviewer.exe CGI program when processing certain parameters sent in a crafted HTTP request. A remote unauthenticated attacker can exploit this by sending a crafted HTTP POST request to a target server, potentially causing arbitrary code to be injected and executed in the security context of the Web server process.

Extended Description

HP OpenView Network Node Manager (NNM) is prone to a remote stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

• HP OpenView Network Node Manager 7.01
• HP OpenView Network Node Manager 7.51
• HP OpenView Network Node Manager 7.53

References

• BugTraq: 40068
• CVE: CVE-2010-1552
• URL: http://osvdb.org/64975
• URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02153379
• URL: http://secunia.com/advisories/39757/