Vulnerability CVE-2009-4180 - CERT Civis.Net

Vulnerability Name:

CVE-2009-4180 (CCN-54656)

Assigned:

2009-12-09

Published:

2009-12-09

Updated:

2018-10-10

Summary:

Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-4180

Source: CCN
Type: TPTI-09-13
HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability

Source: MISC
Type: Patch
http://dvlabs.tippingpoint.com/advisory/TPTI-09-13

Source: CCN
Type: HP Security Bulletin HPSBMA02483 SSRT090257 rev.1
HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

Source: HP
Type: Patch, Vendor Advisory
SSRT090135

Source: HP
Type: UNKNOWN
SSRT090257

Source: CCN
Type: SA37665
HP OpenView Network Node Manager Multiple Vulnerabilities

Source: CCN
Type: OSVDB ID: 60931
HP OpenView Network Node Manager (OV NNM) snmpviewer.exe CGI Host Header Handling Remote Overflow

Source: BUGTRAQ
Type: UNKNOWN
20091209 TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability

Source: BID
Type: Patch
37261

Source: CCN
Type: BID-37261
RETIRED: HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities

Source: BID
Type: UNKNOWN
37348

Source: CCN
Type: BID-37348
HP OpenView Network Node Manager 'snmpviewer.exe' Remote Code Execution Vulnerability

Source: XF
Type: UNKNOWN
hp-ovnnm-snmpviewer-bo(54656)

Source: XF
Type: UNKNOWN
hp-ovnnm-snmpviewer-bo(54656)

Vulnerable Configuration:

Configuration 1:

cpe:/a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*

Configuration CCN 1:

cpe:/a:hp:openview_network_node_manager:7.01:*:*:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*

Denotes that component is vulnerable