Buffer Overflow in HP OpenView Network Node Manager Affects Multiple Versions
CVE-2011-0267

Currently unrated

Key Information:

Vendor: HP
Status: Openview Network Node Manager
Vendor: CVE Published:; 13 January 2011

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 78%

What is CVE-2011-0267?

A vulnerability exists in the nnmRptConfig.exe component of HP OpenView Network Node Manager versions 7.51 and 7.53, which can be exploited by remote attackers. By sending specially crafted inputs to the schdParams or nameParams parameters, an attacker may execute arbitrary code on the affected system. This issue is distinct from related vulnerabilities and highlights the importance of securing network management interfaces to prevent unauthorized access.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2011-0267 - Proof of Concept

References

http://www.securityfocus.com/archive/1/515628

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2011/0085

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/515628

vendor-advisoryx_refsource_HP

EPSS Score

78% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jan 13, 2011
👾
Exploit known to exist
Jan 13, 2011
Vulnerability published
Jan 13, 2011
Vulnerability Reserved
Dec 23, 2010

CVE-2011-0267 Data

JSON