Vulnerabilities > CVE-2008-3539 - Information Exposure vulnerability in HP products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | Hp
| 11 |
| OS | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
- Footprinting An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Browser Fingerprinting An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 31024 CVE ID: CVE-2008-3539 CNCVE ID:CNCVE-20083539 HP OpenView Select Identity Connectors是一款身份管理解决方案包含的组件。 Windows平台下的HP OpenView Select Identity Connectors存在未明安全问题,本地攻击者可以利用漏洞获得敏感信息。 目前没有详细漏洞细节提供。 HP HPSI TOPSecret Connector 2.22.1 HP HPSI SunOne Connector 1.14 HP HPSI RACF Connector 1.12.1 HP HPSI OpenLDAP Connector 1.02 HP HPSI OID Connector 1.02 HP HPSI IBM Tivoli Dir Connector 1.02 HP HPSI eTrust Connector 1.02 HP HPSI eDirectory Connector 1.12 HP HPSI BiDir DirX Connector 1.0.3 HP HPSI Active Directory Connector 2.10.2 HP HPSI Active Directory Connector 1.70.3 HP HPSI Active Directory Connector 2.30.xxx HP HPSI Active Directory Connector 2.20 HP HPSI ACF2 Connector 1.02 可从<a href=http://support.openview.hp.com/selfsolve/ target=_blank>http://support.openview.hp.com/selfsolve/</a>中搜索 'select identity connectors'或者补丁文档ID获得补丁: HP OpenView Select Identity Connector - BiDir ActiveDir Connector 受影响软件版本- v 1.70.003及之前 补丁软件版本 - v 2.30 p2 补丁文档ID - BILDAPADCONN_00009 HP OpenView Select Identity Connector - BiDir ActiveDir Connector 受影响软件版本- v 2.10.002及之前 补丁软件版本 - v 2.10 p3 补丁文档ID - BILDAPADCONN_00008 HP OpenView Select Identity Connector - BiDir ActiveDir Connector 受影响软件版本- v 2.20.xxx and v2.30.xxx及之前 补丁软件版本 - v 1.70 p4 补丁文档ID - BILDAPADCONN_00010 HP OpenView Select Identity Connector - SunONE Connector 受影响软件版本- v 1.14及之前 补丁软件版本 - v 1.14.001 补丁文档ID - SUNONECONN_00003 HP OpenView Select Identity Connector - Novell eDir Connector 受影响软件版本- v 1.12及之前 补丁软件版本 - v 1.12.001 补丁文档ID - BILDAPEDIRECTORYCONN_00001 HP OpenView Select Identity Connector - CA eTrust Connector 受影响软件版本- v 1.02及之前 补丁软件版本 - v 1.02.001 补丁文档ID - BILDAPETRUSTCONN_00001 HP OpenView Select Identity Connector - OID BiLDAP Connector 受影响软件版本- v 1.02及之前 补丁软件版本 - v 1.02.001v 补丁文档ID - BILDAPOIDCONN_00001 HP OpenView Select Identity Connector - IBM Tivoli Dir Connector 受影响软件版本- v 1.02及之前 补丁软件版本 - v 1.02.001 补丁文档ID - BILDAPIBMDIRCONN_00001 HP OpenView Select Identity Connector - TopSecret Connector 受影响软件版本- v 2.22.001及之前 补丁软件版本 - v 2.22.002 补丁文档ID - TOPSECRETCONN_00002 HP OpenView Select Identity Connector - RACF Connector 受影响软件版本- v 1.12.001及之前 补丁软件版本 - v 1.12.002 补丁文档ID - RACFCONN_00002 HP OpenView Select Identity Connector - ACF2 Connector 受影响软件版本- v 1.02及之前 补丁软件版本 - v 1.02.001 补丁文档ID - ACF2CONN_00001 HP OpenView Select Identity Connector - OpenLDAP Connector 受影响软件版本- v 1.02及之前 补丁软件版本 - v 1.02.001 补丁文档ID - OPENLDAPCONN_00001 HP OpenView Select Identity Connector - BiDir DirX Connector 受影响软件版本- v 1.00.003及之前 补丁软件版本 - v 1.00.004 补丁文档ID - BILDAPDIRXCONN_00002 |
| id | SSV:4000 |
| last seen | 2017-11-19 |
| modified | 2008-09-10 |
| published | 2008-09-10 |
| reporter | Root |
| title | HP OpenView Select Identity Connectors本地信息泄漏漏洞 |
References
- http://marc.info/?l=bugtraq&m=122062779731581&w=2
- http://secunia.com/advisories/31764
- http://securityreason.com/securityalert/4236
- http://securitytracker.com/id?1020821
- http://www.securityfocus.com/bid/31024
- http://www.vupen.com/english/advisories/2008/2501
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44916