HP OpenView Network Node Manager Remote Execution of Arbitrary Code (HPSBMA02621 SSRT100352)

critical Nessus Plugin ID 51645

Plugin Details

Severity: Critical

ID: 51645

File Name: openview_nnm_execvp_nc.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 1/21/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information


Risk Factor: High

Score: 7.4


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 1/10/2011

Vulnerability Publication Date: 7/20/2010

Exploitable With

Core Impact

Metasploit (HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow)

Reference Information

CVE: CVE-2010-2703, CVE-2011-0261, CVE-2011-0262, CVE-2011-0263, CVE-2011-0264, CVE-2011-0265, CVE-2011-0266, CVE-2011-0267, CVE-2011-0268, CVE-2011-0269, CVE-2011-0270, CVE-2011-0271

BID: 41829, 45762