HP » Openview Client Configuraton Manager : Security Vulnerabilities, CVEs,
httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.
Max CVSS
7.8
EPSS Score
1.67%
Published
2007-10-29
Updated
2018-10-15
radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv.
Max CVSS
7.8
EPSS Score
5.51%
Published
2006-11-09
Updated
2018-10-17
2 vulnerabilities found