Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenView Radia Integration Server directory traversal
Published:02.11.2007
Source:
SecurityVulns ID:8311
Type:remote
Threat Level:
5/10
Description:It's possible to access different directories by using constructions like ~root in TCP/3465 webserver.
CVE:CVE-2007-5413 (httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.)
Original documentdocumentZDI, ZDI-07-060: HP OpenView Radia Integration Server File System Exposure Vulnerability (02.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod