Vulnerability-Lookup

CVE-2010-0104 (GCVE-0-2010-0104)

Vulnerability from cvelistv5 – Published: 2010-03-18 17:12 – Updated: 2024-09-17 03:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

FKIE_CVE-2010-0104

Vulnerability from fkie_nvd - Published: 2010-03-18 17:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cret@cert.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471	Patch, Vendor Advisory
cret@cert.org	http://secunia.com/advisories/39003	Vendor Advisory
cret@cert.org	http://securitytracker.com/id?1023710
cret@cert.org	http://www.kb.cert.org/vuls/id/512705	US Government Resource
cret@cert.org	http://www.securityfocus.com/bid/38759
cret@cert.org	http://www.vupen.com/english/advisories/2010/0631	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/39003	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023710
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/512705	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38759
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0631	Vendor Advisory

Impacted products

Vendor	Product	Version
broadcom	broadcom	*
hp	compaq_6005_pro_microtower_pc	*
hp	compaq_6005_small_form_factor_pc	*
broadcom	broadcom	*
hp	compaq_dc5700_pro_microtower_pc	*
hp	compaq_dc5700_small_form_factor_pc	*
hp	compaq_dc5750_microtower_pc	*
hp	compaq_dc5750_small_form_factor_pc	*
hp	compaq_dc5850_microtower_pc	*
hp	compaq_dc5850_small_form_factor_pc	*
hp	compaq_dc7600_convertible_minitower_pc	*
hp	compaq_dc7600_desktop_pc	*
hp	compaq_dc7600_small_form_factor_pc	*
hp	compaq_dc7600_ultra-slim_desktop_pc	*
hp	compaq_dx7200_microtower_pc	*
hp	compaq_rp3000_point_of_sale_system	*
hp	compaq_rp5700_point_of_sale_system	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:broadcom:broadcom:*:1.24.0.9:*:*:*:*:*:*",
              "matchCriteriaId": "E0B9C304-5840-410E-8DD4-8389C4E878A6",
              "versionEndIncluding": "integrated_nic_management_firmware",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:compaq_6005_pro_microtower_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D844B0-A74F-4C33-9D4A-E89123587317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_6005_small_form_factor_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "887F297F-79A2-4886-BFE3-D1CC89451055",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:broadcom:broadcom:*:8.0.4:*:*:*:*:*:*",
              "matchCriteriaId": "7ADAB133-0E56-4EF5-9410-5B237D680E5F",
              "versionEndIncluding": "integrated_nic_management_firmware",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc5700_pro_microtower_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD37C68C-4963-40FE-9C5D-24BAF15E7876",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc5700_small_form_factor_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F227FE78-601F-4074-9221-D6155925A989",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc5750_microtower_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "517F9841-9787-4472-ADCF-455F687F8805",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc5750_small_form_factor_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A567BCDB-CDA4-4E4D-B2C6-0BDE1E70193A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc5850_microtower_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "751D6F6D-A39F-4B1F-980C-C1BF2752BA4F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc5850_small_form_factor_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA95C1B-709C-4CB0-845C-736F69EC0918",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc7600_convertible_minitower_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2959BA8-4846-4840-B9EA-FCFBA1EEF7CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc7600_desktop_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09F9FC2-B2FA-49AE-B41B-69CB8C798823",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc7600_small_form_factor_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "540A6043-5711-41F6-A79B-CFE56A1E258A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dc7600_ultra-slim_desktop_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0E6BC4-ACCC-40A8-B3D2-BD0B88F5A629",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_dx7200_microtower_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD9397B-CE64-4CA5-B965-60278CC7BD6A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_rp3000_point_of_sale_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2ED60A4-F337-438A-BE65-D582A2FBDB4C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hp:compaq_rp5700_point_of_sale_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "358890A4-50FC-470A-BD5C-2D5F9CB0B0FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el firmware Broadcom Integrated NIC Management  v1.x anteriores a la v1.40.0.0 y v8.x anteriores a la v8.08 en las plataformas HP Small Form Factor y Microtower permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2010-0104",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-03-18T17:30:00.383",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39003"
    },
    {
      "source": "cret@cert.org",
      "url": "http://securitytracker.com/id?1023710"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/512705"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/38759"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/512705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0631"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-HXJG-CJPX-X3X5

Vulnerability from github – Published: 2022-05-02 06:10 – Updated: 2022-05-02 06:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-0104"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-03-18T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.",
  "id": "GHSA-hxjg-cjpx-x3x5",
  "modified": "2022-05-02T06:10:10Z",
  "published": "2022-05-02T06:10:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0104"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39003"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1023710"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/512705"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/38759"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0631"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2010-0104

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-0104

Aliases

CVE-2010-0104

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-0104",
    "description": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.",
    "id": "GSD-2010-0104"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-0104"
      ],
      "details": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.",
      "id": "GSD-2010-0104",
      "modified": "2023-12-13T01:21:28.430763Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2010-0104",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "VU#512705",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/512705"
          },
          {
            "name": "1023710",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1023710"
          },
          {
            "name": "ADV-2010-0631",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/0631"
          },
          {
            "name": "38759",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/38759"
          },
          {
            "name": "HPSBGN02511",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471"
          },
          {
            "name": "39003",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/39003"
          },
          {
            "name": "SSRT100022",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:broadcom:broadcom:*:1.24.0.9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "integrated_nic_management_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_6005_small_form_factor_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_6005_pro_microtower_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:broadcom:broadcom:*:8.0.4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "integrated_nic_management_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc5700_small_form_factor_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc5750_small_form_factor_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_rp3000_point_of_sale_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc7600_desktop_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc5850_microtower_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc5850_small_form_factor_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc7600_convertible_minitower_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc7600_ultra-slim_desktop_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc7600_small_form_factor_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc5700_pro_microtower_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dc5750_microtower_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_dx7200_microtower_pc:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:compaq_rp5700_point_of_sale_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2010-0104"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1023710",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1023710"
            },
            {
              "name": "ADV-2010-0631",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0631"
            },
            {
              "name": "VU#512705",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/512705"
            },
            {
              "name": "39003",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/39003"
            },
            {
              "name": "HPSBGN02511",
              "refsource": "HP",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471"
            },
            {
              "name": "38759",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/38759"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-10-09T22:59Z",
      "publishedDate": "2010-03-18T17:30Z"
    }
  }
}

CERTA-2010-AVI-121

Vulnerability from certfr_avis - Published: 2010-03-17 - Updated: 2010-03-17

Une vulnérabilité dans les produits HP Small Form Factor PC et HP Microtower PC permet à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Une vulnérabilité dans le microcode de certaines cartes réseau Broadcom intégrées dans des machines HP permet à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	HP Compaq dc7600 Convertible Microtower, Ultra Slim Desktop et Small Form Factor PC ;
N/A	N/A	HP rp3000 Point of Sale System ;
N/A	N/A	HP Compaq dc5750 Microtower et Small Form Factor PC ;
N/A	N/A	HP Compaq rp5700 Desktop PC et Point Of Sale System.
N/A	N/A	HP Compaq 6005 Pro Microtower et Small Form Factor PC ;
N/A	N/A	HP Compaq dc5850 Microtower et Small Form Factor PC ;
N/A	N/A	HP Compaq dx7200 Microtower PC ;
N/A	N/A	HP Compaq dc5700 Microtower et Small Form Factor PC ;

References

Title

Publication Time

VAR-201003-0152

Vulnerability from variot - Updated: 2025-04-11 23:10

Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors. Broadcom NetXtreme Management firmware contains a buffer overflow vulnerability. Part of Broadcom NetXtreme The management firmware installed on the network adapter is Alert Standard Format (ASF) Is supported. Crafted ASF version 2.0 RAKP Message 1 A buffer overflow vulnerability exists due to packet processing. In addition, Remote Management and Control Protocol (RMCP) over RMCP Security-Extensions Protocol (RSP) This vulnerability is only affected when management is enabled. This feature is disabled by default.A remote attacker could execute arbitrary code or disrupt service operations (DoS) There is a possibility of being attacked. Remote control and alarm interfaces can be defined for systems and devices when the host operating system does not exist. This feature is disabled by default. Broadcom NetXtreme devices are prone to a remote code-execution vulnerability. The following versions are vulnerable: - BCM5751, BCM5752, BCM5753, BCM5754, BCM5755, BCM5756, BCM5764, and BCM5787 with firmware version 8.04 - BCM57760 with firmware version 8.07 - BCM5761 with firmware version 1.24.0.9. Broadcom is the world's leading semiconductor company for wired and wireless communications.

Disable the management firmware or Secure ASF (RSP) support. ----------------------------------------------------------------------

Use WSUS to deploy 3rd party patches

Public BETA http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/

TITLE: HP Broadcom Integrated NIC Management Firmware Vulnerability

SECUNIA ADVISORY ID: SA39003

VERIFY ADVISORY: http://secunia.com/advisories/39003/

DESCRIPTION: A vulnerability has been reported in Broadcom Integrated NIC Management Firmware for HP PCs, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is reported in 1.x versions prior to 1.40.0.0, and 8.x versions prior to 8.08. Please see the vendor's advisory for details on affected hardware.

SOLUTION: Update to version 1.40.0.0 or 8.08 (available via softpaq SP47557). ftp://ftp.hp.com/pub/softpaq/sp47501-48000/sp47557.exe

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: HPSBGN02511 SSRT100022: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201003-0152",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "broadcom",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "integrated_nic_management_firmware"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "broadcom",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq 6005 pro microtower pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq 6005 pro small form factor pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc5700 microtower pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc5700 small form factor pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc5750 microtower pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc5750 small form factor pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc5850 microtower pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc5850 small form factor pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc7600 convertible minitower pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc7600 small form factor pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dc7600 ultra-slim desktop pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp compaq dx7200 microtower pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp rp3000 point of sale system",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp rp5700 desktop pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": "hp rp5700 point of sale system",
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.6,
        "vendor": "no",
        "version": null
      },
      {
        "model": "broadcom",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "broadcom",
        "version": "integrated_nic_management_firmware"
      },
      {
        "model": "workstation z800",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation z600",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation z400",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw8600",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw8400",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw6600",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw6400",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw6200",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw4600",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw4550",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw4400",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw4300",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw4200",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw3400",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "workstation xw",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4100"
      },
      {
        "model": "rp5700 point of sale system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "rp5700 point of sale",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "rp5700 desktop pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "rp5700 business desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "rp3000 point of sale system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dx7200 microtower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dx7200 microtower",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc7600 ultra-slim desktop pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc7600 small form factor pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc7600 small form factor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc7600 microtower",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc7600 convertible minitower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc7600 convertible",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc5850 small form factor pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc5850 small form factor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc5850 microtower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc5850 microtower",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc5750 small form factor pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc5750 small form factor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc5750 microtower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc5750 microtower",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc5700 small form factor pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc5700 small form factor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq dc5700 microtower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.04"
      },
      {
        "model": "compaq dc5700 microtower",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "model": "compaq pro small form factor pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "60051.24.9"
      },
      {
        "model": "compaq pro small form factor pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "60050"
      },
      {
        "model": "compaq pro microtower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "60051.24.9"
      },
      {
        "model": "compaq pro microtower pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "60050"
      },
      {
        "model": "netxtreme bcm5787",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm57760",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.07"
      },
      {
        "model": "netxtreme bcm5764",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm5761",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "1.249"
      },
      {
        "model": "netxtreme bcm5756",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm5755",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm5754",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm5753",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm5752",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "netxtreme bcm5751",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "broadcom",
        "version": "8.04"
      },
      {
        "model": "rp5700 point of sale system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "rp5700 desktop pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "rp3000 point of sale system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dx7200 microtower pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc7600 ultra-slim desktop pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc7600 small form factor pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc7600 convertible minitower pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc5850 small form factor pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc5850 microtower pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc5750 small form factor pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc5750 microtower pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc5700 small form factor pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq dc5700 microtower pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "8.08"
      },
      {
        "model": "compaq pro small form factor pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "60051.40.0"
      },
      {
        "model": "compaq pro microtower pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "60051.40.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "BID",
        "id": "38759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:hp:compaq_6005_pro_microtower_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_6005_small_form_factor_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc5700_pro_microtower_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc5700_small_form_factor_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc5750_microtower_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc5750_small_form_factor_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc5850_microtower_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc5850_small_form_factor_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc7600_convertible_minitower_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc7600_small_form_factor_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc7600_ultra-slim_desktop_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dx7200_microtower_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_rp3000_point_of_sale_system",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_dc7600_desktop_pc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hp:compaq_rp5700_point_of_sale_system",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HP",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-0104",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2010-0104",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-42709",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-0104",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#512705",
            "trust": 0.8,
            "value": "0.68"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-0104",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201003-245",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-42709",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors. Broadcom NetXtreme Management firmware contains a buffer overflow vulnerability. Part of Broadcom NetXtreme The management firmware installed on the network adapter is Alert Standard Format (ASF) Is supported. Crafted ASF version 2.0 RAKP Message 1 A buffer overflow vulnerability exists due to packet processing. In addition, Remote Management and Control Protocol (RMCP) over RMCP Security-Extensions Protocol (RSP) This vulnerability is only affected when management is enabled. This feature is disabled by default.A remote attacker could execute arbitrary code or disrupt service operations (DoS) There is a possibility of being attacked. Remote control and alarm interfaces can be defined for systems and devices when the host operating system does not exist. This feature is disabled by default. Broadcom NetXtreme devices are prone to a remote code-execution vulnerability. \nThe following versions are vulnerable:\n- BCM5751, BCM5752, BCM5753, BCM5754, BCM5755, BCM5756, BCM5764, and BCM5787 with firmware version  8.04\n- BCM57760 with firmware version 8.07\n- BCM5761 with firmware version 1.24.0.9. Broadcom is the world\u0027s leading semiconductor company for wired and wireless communications. \n\nDisable the management firmware or Secure ASF (RSP) support. ----------------------------------------------------------------------\n\n\nUse WSUS to deploy 3rd party patches\n\nPublic BETA\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nHP Broadcom Integrated NIC Management Firmware Vulnerability\n\nSECUNIA ADVISORY ID:\nSA39003\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39003/\n\nDESCRIPTION:\nA vulnerability has been reported in Broadcom Integrated NIC\nManagement Firmware for HP PCs, which can be exploited by malicious\npeople to compromise a vulnerable system. \n\nThe vulnerability is reported in 1.x versions prior to 1.40.0.0, and\n8.x versions prior to 8.08. Please see the vendor\u0027s advisory for\ndetails on affected hardware. \n\nSOLUTION:\nUpdate to version 1.40.0.0 or 8.08 (available via softpaq SP47557). \nftp://ftp.hp.com/pub/softpaq/sp47501-48000/sp47557.exe\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nHPSBGN02511 SSRT100022:\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      },
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "BID",
        "id": "38759"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "db": "PACKETSTORM",
        "id": "87658"
      },
      {
        "db": "PACKETSTORM",
        "id": "87351"
      }
    ],
    "trust": 3.42
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#512705",
        "trust": 4.3
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0104",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "38759",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "39003",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1023710",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0631",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "39107",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "87658",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "87351",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "db": "BID",
        "id": "38759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "db": "PACKETSTORM",
        "id": "87658"
      },
      {
        "db": "PACKETSTORM",
        "id": "87351"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "id": "VAR-201003-0152",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709"
      }
    ],
    "trust": 1.575
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      }
    ]
  },
  "last_update_date": "2025-04-11T23:10:09.626000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HPSBGN02511",
        "trust": 0.8,
        "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02048471"
      },
      {
        "title": "Patch for Broadcom NetXtreme ASF Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/2211"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.kb.cert.org/vuls/id/512705"
      },
      {
        "trust": 2.6,
        "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02048471"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/38759"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1023710"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39003"
      },
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2010/0631"
      },
      {
        "trust": 1.1,
        "url": "http://www.ssi.gouv.fr/site_article185.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.certa.ssi.gouv.fr/site/certa-2010-avi-121/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0104"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu512705/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0104"
      },
      {
        "trust": 0.6,
        "url": "http://www.kb.cert.org/vuls/id/512705http"
      },
      {
        "trust": 0.3,
        "url": "http://www.ssi.gouv.fr/site_article186.html"
      },
      {
        "trust": 0.3,
        "url": " http://www.phptoys.com/product/micro-news.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.broadcom.com/products/brands/netxtreme"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39107/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39003/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "db": "BID",
        "id": "38759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "db": "PACKETSTORM",
        "id": "87658"
      },
      {
        "db": "PACKETSTORM",
        "id": "87351"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "db": "BID",
        "id": "38759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "db": "PACKETSTORM",
        "id": "87658"
      },
      {
        "db": "PACKETSTORM",
        "id": "87351"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-03-25T00:00:00",
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "date": "2010-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "date": "2010-03-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "date": "2010-03-15T00:00:00",
        "db": "BID",
        "id": "38759"
      },
      {
        "date": "2010-04-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "date": "2010-03-28T10:42:33",
        "db": "PACKETSTORM",
        "id": "87658"
      },
      {
        "date": "2010-03-17T10:53:05",
        "db": "PACKETSTORM",
        "id": "87351"
      },
      {
        "date": "2010-03-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "date": "2010-03-18T17:30:00.383000",
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-06-21T00:00:00",
        "db": "CERT/CC",
        "id": "VU#512705"
      },
      {
        "date": "2010-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0456"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42709"
      },
      {
        "date": "2010-05-18T17:02:00",
        "db": "BID",
        "id": "38759"
      },
      {
        "date": "2010-04-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001341"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-0104"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Broadcom NetXtreme management firmware ASF buffer overflow",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#512705"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-245"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-0104 (GCVE-0-2010-0104)

FKIE_CVE-2010-0104

GHSA-HXJG-CJPX-X3X5

GSD-2010-0104

CERTA-2010-AVI-121

Description

Solution

VAR-201003-0152

Tags

Sightings

Nomenclature