‘HP OpenView Network Node Manager nnmRptConfig.exe schd_select1 Vulnerability’

Summary

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager.’

Credit:

‘The information has been provided by Aniway.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-11-011/


Details

Vulnerable Systems:
 * Hewlett-Packard OpenView Network Node Manager

The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schd_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.

Patch Availability:
Hewlett-Packard has issued an update to correct this vulnerability. More details can be found at
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02670501

CVE Information:
CVE-2011-0269

Disclosure Timeline:
2010-09-23 – Vulnerability reported to vendor
2011-01-10 – Coordinated public release of advisory’

Categories: Windows