| CVE ID | CVE-2007-5413 |
| CVSS SCORE | |
| AFFECTED VENDORS |
Hewlett-Packard |
| AFFECTED PRODUCTS |
OpenView Radia Integration Server |
| TREND MICRO CUSTOMER PROTECTION | Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['4942']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com |
| VULNERABILITY DETAILS |
This vulnerability allows remote attackers to access arbitrary files on systems with vulnerable installations of Hewlett-Packard OpenView Radia Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server bound by default to TCP port 3465. Insufficient checks on URLs containing paths such as '~root' allows attackers to access arbitrary files in the underlying OS. Accessing configuration files that contain LDAP and database credentials can lead to further compromise. |
| ADDITIONAL DETAILS |
Hewlett-Packard has issued an update to correct this vulnerability. |
| DISCLOSURE TIMELINE |
|
| CREDIT | Anonymous |
