Lucene search

[email protected]CVE-2006-5782

HistoryNov 09, 2006 - 12:07 a.m.

CVE-2006-5782

2006-11-0900:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

hp openview

ccm

radexecd.exe

authentication bypass

cve-2006-5782

denial of service

remote attack

7.4 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.055 Low

EPSS

Percentile

93.1%

JSON

radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv.

CPENameOperatorVersion
hp:openview_client_configuraton_managerhp openview client configuraton managereq*

CPE	Name	Operator	Version
hp:openview_client_configuraton_manager	hp openview client configuraton manager	eq	*

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00795552

secunia.com/advisories/22780

securityreason.com/securityalert/1842

securitytracker.com/id?1017197

www.securityfocus.com/archive/1/450942/100/0/threaded

www.vupen.com/english/advisories/2006/4410

exchange.xforce.ibmcloud.com/vulnerabilities/30138

7.4 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.055 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2006-5782

checkpoint_advisories1 securityvulns2