CVE-2008-0068

Published: Apr 16, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.

Affected (2)

Products: Hp: Openview Network Node Manager

1 product

Openview Network Node Manager

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Hp Openview Network Node Manager	Version 7.51
Hp Openview Network Node Manager	Version 7.53

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (26)

http://aluigi.altervista.org/adv/closedviewx-adv.txt

Source: PSIRT-CNA@flexerasoftware.com

Exploit

http://marc.info/?l=bugtraq&m=121553649611253&w=2

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/29796

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/secunia_research/2008-4/advisory/

Source: PSIRT-CNA@flexerasoftware.com

http://securityreason.com/securityalert/3814

Source: PSIRT-CNA@flexerasoftware.com

http://www.osvdb.org/44359

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/archive/1/490771

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/archive/1/490834/100/0/threaded

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/bid/28745

Source: PSIRT-CNA@flexerasoftware.com

Exploit

http://www.securitytracker.com/id?1019838

Source: PSIRT-CNA@flexerasoftware.com

http://www.securitytracker.com/id?1019839

Source: PSIRT-CNA@flexerasoftware.com

http://www.vupen.com/english/advisories/2008/1214/references

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/41790

Source: PSIRT-CNA@flexerasoftware.com

http://aluigi.altervista.org/adv/closedviewx-adv.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://marc.info/?l=bugtraq&m=121553649611253&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/29796

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/secunia_research/2008-4/advisory/

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/3814

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/44359

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/490771

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/490834/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/28745

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securitytracker.com/id?1019838

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1019839

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/1214/references

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/41790

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.