CVE-2006-5782

Currently unrated

Key Information:

Vendor: HP
Status: Openview Client Configuraton Manager
Vendor: CVE Published:; 9 November 2006

Summary

radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv.

References

http://www.securityfocus.com/archive/1/450942/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/22780

third-party-advisoryx_refsource_SECUNIA

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 9, 2006
Vulnerability Reserved
Nov 7, 2006