HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities (HPSBMU02712 SSRT100649)

critical Nessus Plugin ID 58516

Synopsis

The version of HP Network Node Manager running on the remote host is affected by multiple code execution vulnerabilities.

Description

The installed version of HP Network Node Manager is affected by the following vulnerabilities :

- A remote code execution vulnerability exists because the 'nnmRptConfig.exe' CGI application does not adequately validate user-supplied input. (CVE-2011-3165)

- A remote code execution vulnerability exists within ov.dll. Insufficient boundary checking before supplying the value to a format string within _OVBuildPath can cause a stack overflow, leading to memory corruption, which could allow an attacker to execute arbitrary code within the context of the target service. (CVE-2011-3166)

- A remote code execution vulnerability exists within the webappmon.exe CGI program. The vulnerability is due an insufficient boundary check before supplying a format string with the values. This causes a stack overflow, which can lead to memory corruption that can be exploited to execute arbitrary code within the context of the target service. (CVE-2011-3167)

Solution

Upgrade to B.07.53 Patchlevel NNM_01213 or its equivalent.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-11-348/

https://www.zerodayinitiative.com/advisories/ZDI-12-002/

https://www.zerodayinitiative.com/advisories/ZDI-12-003/

http://www.nessus.org/u?02dda619

https://www.securityfocus.com/archive/1/520349

Plugin Details

Severity: Critical

ID: 58516

File Name: hp_nnm_multiple_code_execution.nasl

Version: 1.12

Type: remote

Published: 3/28/2012

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:hp:openview_network_node_manager

Required KB Items: hp/hp_nnm

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/1/2011

Vulnerability Publication Date: 11/1/2011

Exploitable With

Metasploit (HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow)

Reference Information

CVE: CVE-2011-3165, CVE-2011-3166, CVE-2011-3167

BID: 50471, 51049