ID

VAR-201003-0152


CVE

CVE-2010-0104


TITLE

Broadcom NetXtreme management firmware ASF buffer overflow

Trust: 0.8

sources: CERT/CC: VU#512705

DESCRIPTION

Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.

Broadcom NetXtreme management firmware contains a buffer overflow vulnerability. The management firmware installed on some Broadcom NetXtreme network adapters supports the Alert Standard Format (ASF). A buffer overflow exists in the processing of crafted ASF version 2.0 RAKP Message 1 packets. The vulnerability is exposed only when management over the Remote Management and Control Protocol (RMCP) with the RMCP Security-Extensions Protocol (RSP) is enabled. This feature is disabled by default. A remote attacker could execute arbitrary code or cause a denial of service (DoS).

ASF defines remote control and alerting interfaces for systems and devices when no host operating system is present. Broadcom NetXtreme devices are prone to a remote code-execution vulnerability. The following versions are vulnerable:
- BCM5751, BCM5752, BCM5753, BCM5754, BCM5755, BCM5756, BCM5764, and BCM5787 with firmware version 8.04
- BCM57760 with firmware version 8.07
- BCM5761 with firmware version 1.24.0.9

Broadcom is the world's leading semiconductor company for wired and wireless communications. Disable the management firmware or Secure ASF (RSP) support.
TITLE: HP Broadcom Integrated NIC Management Firmware Vulnerability
SECUNIA ADVISORY ID: SA39003
VERIFY ADVISORY: http://secunia.com/advisories/39003/
DESCRIPTION: A vulnerability has been reported in Broadcom Integrated NIC Management Firmware for HP PCs, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is reported in 1.x versions prior to 1.40.0.0, and 8.x versions prior to 8.08. Please see the vendor's advisory for details on affected hardware.
SOLUTION: Update to version 1.40.0.0 or 8.08 (available via softpaq SP47557). ftp://ftp.hp.com/pub/softpaq/sp47501-48000/sp47557.exe
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: HPSBGN02511 SSRT100022: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02048471

Trust: 3.42

sources: NVD: CVE-2010-0104 // CERT/CC: VU#512705 // JVNDB: JVNDB-2010-001341 // CNVD: CNVD-2010-0456 // BID: 38759 // VULHUB: VHN-42709 // PACKETSTORM: 87658 // PACKETSTORM: 87351

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-0456

AFFECTED PRODUCTS

vendor: broadcom, model: broadcom, scope: lte, version: integrated_nic_management_firmware

Trust: 1.0

vendor: broadcom, model: -, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: -, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq 6005 pro microtower pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq 6005 pro small form factor pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc5700 microtower pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc5700 small form factor pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc5750 microtower pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc5750 small form factor pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc5850 microtower pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc5850 small form factor pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc7600 convertible minitower pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc7600 small form factor pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dc7600 ultra-slim desktop pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp compaq dx7200 microtower pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp rp3000 point of sale system, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp rp5700 desktop pc, scope: -, version: -

Trust: 0.8

vendor: hewlett packard, model: hp rp5700 point of sale system, scope: -, version: -

Trust: 0.8

vendor: no, model: -, scope: -, version: -

Trust: 0.6

vendor: broadcom, model: broadcom, scope: eq, version: integrated_nic_management_firmware

Trust: 0.6

vendor: hp, model: workstation z800, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation z600, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation z400, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw8600, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw8400, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw6600, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw6400, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw6200, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw4600, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw4550, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw4400, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw4300, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw4200, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw3400, scope: -, version: -

Trust: 0.3

vendor: hp, model: workstation xw, scope: eq, version: 4100

Trust: 0.3

vendor: hp, model: rp5700 point of sale system, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: rp5700 point of sale, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: rp5700 desktop pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: rp5700 business desktop, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: rp3000 point of sale system, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dx7200 microtower pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dx7200 microtower, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc7600 ultra-slim desktop pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc7600 small form factor pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc7600 small form factor, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc7600 microtower, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc7600 convertible minitower pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc7600 convertible, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc5850 small form factor pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc5850 small form factor, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc5850 microtower pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc5850 microtower, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc5750 small form factor pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc5750 small form factor, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc5750 microtower pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc5750 microtower, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc5700 small form factor pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc5700 small form factor, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq dc5700 microtower pc, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: compaq dc5700 microtower, scope: eq, version: 0

Trust: 0.3

vendor: hp, model: compaq pro small form factor pc, scope: eq, version: 60051.24.9

Trust: 0.3

vendor: hp, model: compaq pro small form factor pc, scope: eq, version: 60050

Trust: 0.3

vendor: hp, model: compaq pro microtower pc, scope: eq, version: 60051.24.9

Trust: 0.3

vendor: hp, model: compaq pro microtower pc, scope: eq, version: 60050

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5787, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm57760, scope: eq, version: 8.07

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5764, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5761, scope: eq, version: 1.249

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5756, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5755, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5754, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5753, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5752, scope: eq, version: 8.04

Trust: 0.3

vendor: broadcom, model: netxtreme bcm5751, scope: eq, version: 8.04

Trust: 0.3

vendor: hp, model: rp5700 point of sale system, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: rp5700 desktop pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: rp3000 point of sale system, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dx7200 microtower pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc7600 ultra-slim desktop pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc7600 small form factor pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc7600 convertible minitower pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc5850 small form factor pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc5850 microtower pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc5750 small form factor pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc5750 microtower pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc5700 small form factor pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq dc5700 microtower pc, scope: ne, version: 8.08

Trust: 0.3

vendor: hp, model: compaq pro small form factor pc, scope: ne, version: 60051.40.0

Trust: 0.3

vendor: hp, model: compaq pro microtower pc, scope: ne, version: 60051.40.0

Trust: 0.3

sources: CERT/CC: VU#512705 // CNVD: CNVD-2010-0456 // BID: 38759 // JVNDB: JVNDB-2010-001341 // CNNVD: CNNVD-201003-245 // NVD: CVE-2010-0104

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-0104
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#512705
value: 0.68

Trust: 0.8

NVD: CVE-2010-0104
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201003-245
value: CRITICAL

Trust: 0.6

VULHUB: VHN-42709
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-0104
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-42709
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#512705 // VULHUB: VHN-42709 // JVNDB: JVNDB-2010-001341 // CNNVD: CNNVD-201003-245 // NVD: CVE-2010-0104

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2010-0104

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201003-245

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201003-245

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001341

PATCH

title: HPSBGN02511, url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02048471

Trust: 0.8

title: Patch for Broadcom NetXtreme ASF Buffer Overflow Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/2211

Trust: 0.6

sources: CNVD: CNVD-2010-0456 // JVNDB: JVNDB-2010-001341

EXTERNAL IDS

db: CERT/CC, id: VU#512705

Trust: 4.3

db: NVD, id: CVE-2010-0104

Trust: 3.4

db: BID, id: 38759

Trust: 2.8

db: SECUNIA, id: 39003

Trust: 2.6

db: SECTRACK, id: 1023710

Trust: 2.5

db: VUPEN, id: ADV-2010-0631

Trust: 2.5

db: JVNDB, id: JVNDB-2010-001341

Trust: 0.8

db: CNNVD, id: CNNVD-201003-245

Trust: 0.7

db: CNVD, id: CNVD-2010-0456

Trust: 0.6

db: SECUNIA, id: 39107

Trust: 0.2

db: VULHUB, id: VHN-42709

Trust: 0.1

db: PACKETSTORM, id: 87658

Trust: 0.1

db: PACKETSTORM, id: 87351

Trust: 0.1

sources: CERT/CC: VU#512705 // CNVD: CNVD-2010-0456 // VULHUB: VHN-42709 // BID: 38759 // JVNDB: JVNDB-2010-001341 // PACKETSTORM: 87658 // PACKETSTORM: 87351 // CNNVD: CNNVD-201003-245 // NVD: CVE-2010-0104

REFERENCES

url:http://www.kb.cert.org/vuls/id/512705

Trust: 2.9

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02048471

Trust: 2.6

url:http://www.securityfocus.com/bid/38759

Trust: 2.5

url:http://securitytracker.com/id?1023710

Trust: 2.5

url:http://secunia.com/advisories/39003

Trust: 2.5

url:http://www.vupen.com/english/advisories/2010/0631

Trust: 2.5

url:http://www.ssi.gouv.fr/site_article185.html

Trust: 1.1

url:http://www.certa.ssi.gouv.fr/site/certa-2010-avi-121/index.html

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0104

Trust: 0.8

url:http://jvn.jp/cert/jvnvu512705/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0104

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/512705http

Trust: 0.6

url:http://www.ssi.gouv.fr/site_article186.html

Trust: 0.3

url: http://www.phptoys.com/product/micro-news.html

Trust: 0.3

url:http://www.broadcom.com/products/brands/netxtreme

Trust: 0.3

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.2

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.2

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.2

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/39107/

Trust: 0.1

url:http://secunia.com/advisories/39003/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/

Trust: 0.1

sources: CERT/CC: VU#512705 // CNVD: CNVD-2010-0456 // VULHUB: VHN-42709 // BID: 38759 // JVNDB: JVNDB-2010-001341 // PACKETSTORM: 87658 // PACKETSTORM: 87351 // CNNVD: CNNVD-201003-245 // NVD: CVE-2010-0104

CREDITS

HP

Trust: 0.6

sources: CNNVD: CNNVD-201003-245

SOURCES

db: CERT/CC, id: VU#512705
db: CNVD, id: CNVD-2010-0456
db: VULHUB, id: VHN-42709
db: BID, id: 38759
db: JVNDB, id: JVNDB-2010-001341
db: PACKETSTORM, id: 87658
db: PACKETSTORM, id: 87351
db: CNNVD, id: CNNVD-201003-245
db: NVD, id: CVE-2010-0104

LAST UPDATE DATE

2025-04-11T23:10:09.626000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#512705, date: 2010-06-21T00:00:00
db: CNVD, id: CNVD-2010-0456, date: 2010-03-26T00:00:00
db: VULHUB, id: VHN-42709, date: 2019-10-09T00:00:00
db: BID, id: 38759, date: 2010-05-18T17:02:00
db: JVNDB, id: JVNDB-2010-001341, date: 2010-04-27T00:00:00
db: CNNVD, id: CNNVD-201003-245, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2010-0104, date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: CERT/CC, id: VU#512705, date: 2010-03-25T00:00:00
db: CNVD, id: CNVD-2010-0456, date: 2010-03-26T00:00:00
db: VULHUB, id: VHN-42709, date: 2010-03-18T00:00:00
db: BID, id: 38759, date: 2010-03-15T00:00:00
db: JVNDB, id: JVNDB-2010-001341, date: 2010-04-27T00:00:00
db: PACKETSTORM, id: 87658, date: 2010-03-28T10:42:33
db: PACKETSTORM, id: 87351, date: 2010-03-17T10:53:05
db: CNNVD, id: CNNVD-201003-245, date: 2010-03-18T00:00:00
db: NVD, id: CVE-2010-0104, date: 2010-03-18T17:30:00.383