Hewlett-Packard OpenView Radia Integration Server File System Exposure Vulnerability

ID ZDI-07-060
Type zdi
Reporter Anonymous
Modified 2007-11-09T00:00:00


This vulnerability allows remote attackers to access arbitrary files on systems with vulnerable installations of Hewlett-Packard OpenView Radia Integration Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the HTTP server bound by default to TCP port 3465. Insufficient checks on URLs containing paths such as '~root' allows attackers to access arbitrary files in the underlying OS. Accessing configuration files that contain LDAP and database credentials can lead to further compromise.