| Vulnerability Name: | CVE-2008-0068 (CCN-41790) | ||||||||
| Assigned: | 2008-04-14 | ||||||||
| Published: | 2008-04-14 | ||||||||
| Updated: | 2018-10-15 | ||||||||
| Summary: | Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N) 4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
4.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-22 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MISC Type: Exploit http://aluigi.altervista.org/adv/closedviewx-adv.txt Source: MITRE Type: CNA CVE-2008-0068 Source: HP Type: UNKNOWN SSRT080043 Source: CCN Type: SA29796 HP OpenView Network Node Manager Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 29796 Source: CCN Type: Secunia Research 14/04/2008 HP OpenView Network Node Manager OpenView5.exe Directory Traversal Source: MISC Type: UNKNOWN http://secunia.com/secunia_research/2008-4/advisory/ Source: SREASON Type: UNKNOWN 3814 Source: CCN Type: SECTRACK ID: 1019838 HP OpenView Network Node Manager Input Validation Flaw in 'OpenView5.exe' Lets Remote Users Traverse the Directory Source: CCN Type: SECTRACK ID: 1019839 HP OpenView Network Node Manager ovalarmsrv and ovtopmd Bugs Let Remote Users Deny Service Source: CCN Type: HP Web site HP Network Node Manager (NNM) Advanced Edition software Source: OSVDB Type: UNKNOWN 44359 Source: CCN Type: OSVDB ID: 44359 HP OpenView Network Node Manager (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access Source: BUGTRAQ Type: UNKNOWN 20080411 Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 Source: BUGTRAQ Type: UNKNOWN 20080414 Secunia Research: HP OpenView Network Node Manager OpenView5.exeDirectory Traversal Source: BID Type: Exploit 28745 Source: CCN Type: BID-28745 HP OpenView Network Node Manager Directory Traversal and Multiple Denial Of Service Vulnerabilities Source: SECTRACK Type: UNKNOWN 1019838 Source: SECTRACK Type: UNKNOWN 1019839 Source: VUPEN Type: UNKNOWN ADV-2008-1214 Source: XF Type: UNKNOWN hpopenview-openview5-directory-traversal(41790) Source: XF Type: UNKNOWN hpopenview-openview5-directory-traversal(41790) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||