Computer Security

HP OpenView unauthorized access
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



HP OpenView unauthorized access
Published:24.10.2007
Source:BUGTRAQ
SecurityVulns ID:8289
Type:remote
Level:6/10
Description:HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) unauthorized access thorugh httpd.tkd.
Affected:HP : OpenView Configuration Management Infrastructure 4.0
 HP : OpenView Configuration Management Infrastructure 4.1
 HP : OpenView Configuration Management Infrastructure 4.2
 HP : OpenView Client Configuration Manager 2.0
CVE:CVE-2007-5413 (httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.)
Original documentdocumentHP, HPSBMA02279 SSRT071298 rev.1 - HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) Running httpd.tkd, Remote Unauthorized Access to Data (24.10.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru