TippingPoint Zero Day Initiative

HP OpenView Radia Integration Server File System Exposure Vulnerability

ZDI-07-060: October 31st, 2007

CVE ID

CVE-2007-5413

Affected Vendors

Hewlett-Packard

Affected Products

OpenView Radia Integration Server

Vulnerability Details

This vulnerability allows remote attackers to access arbitrary files on systems with vulnerable installations of Hewlett-Packard OpenView Radia Integration Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the HTTP server bound by default to TCP port 3465. Insufficient checks on URLs containing paths such as '~root' allows attackers to access arbitrary files in the underlying OS. Accessing configuration files that contain LDAP and database credentials can lead to further compromise.

Vendor Response

Hewlett-Packard states:

Hewlett-Packard has issued an update to correct this vulnerability.

Disclosure Timeline

2006-12-18 - Vulnerability reported to vendor
2007-10-31 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Anonymous

Published Advisories

ZDI-08-044: Mozilla Firefox

• published 2008-07-17

ZDI-08-043: Sun Microsystems

• published 2008-07-17

ZDI-08-042: Sun Microsystems

• published 2008-07-17

ZDI-08-041: Novell

• published 2008-07-10

ZDI-08-040: Microsoft

• published 2008-06-10

Upcoming Advisories

Microsoft

• reported 2008-07-08, 13 days ago

EMC

• reported 2008-07-07, 14 days ago

EMC

• reported 2008-07-07, 14 days ago

Adobe

• reported 2008-07-03, 18 days ago

Symantec

• reported 2008-06-26, 25 days ago

Recent Press

iPhone and iPod Touch updated with security patches

• published 2008-07-11, CNET

Apple TV gets a security update

• published 2008-07-10, CNET

First reports of a Firefox 3 vulnerability

• published 2008-06-19, BetaNews

Researchers disclose Firefox 3 flaws

• published 2008-06-19, SecurityFocus

Millions of downloads -- and the first critical ...

• published 2008-06-19, SCMagazine