HP OpenView Select Access Unicode远程访问漏洞

漏洞信息详情

HP OpenView Select Access Unicode远程访问漏洞

• CNNVD编号：CNNVD-200407-043
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2004-0709
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2004-05-26
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  hp
• 漏洞来源：
  HP Security Bullet…

HP OpenView Select Access是一款身份管理系统。
HP OpenView Select Access在处理URI中的Unicode字符时存在问题，远程攻击者可以利用这个漏洞未授权访问保护资源。
目前没有详细漏洞细节提供。

厂商补丁：
HP
—
HP已经为此发布了一个安全公告(HPSBMA01045)以及相应补丁:

HPSBMA01045：SSRT4719 rev.0 hp OpenView Select Access remote unauthorized access

补丁下载：

HP OpenView Select Access 5.0 Patch 4:

HP Patch OpenView Select Access 5.0 Patch 4C

http://support.openview.hp.com/cpe/select_access/patch_sa.jsp” target=”_blank”>
http://support.openview.hp.com/cpe/select_access/patch_sa.jsp

HP OpenView Select Access 5.1 Patch 1:

HP Patch OpenView Select Access 5.1 Patch 1Z

http://support.openview.hp.com/cpe/select_access/patch_sa.jsp” target=”_blank”>
http://support.openview.hp.com/cpe/select_access/patch_sa.jsp

HP OpenView Select Access 5.2:

HP Patch OpenView Select Access 5.2 Patch G

http://support.openview.hp.com/cpe/select_access/patch_sa.jsp” target=”_blank”>
http://support.openview.hp.com/cpe/select_access/patch_sa.jsp

HP OpenView Select Access 6.0:

HP Patch OpenView Select Access 6.0 Patch A

http://support.openview.hp.com/cpe/select_access/patch_sa.jsp” target=”_blank”>
http://support.openview.hp.com/cpe/select_access/patch_sa.jsp

来源:US-CERT Vulnerability Note: VU#205766
名称: VU#205766
链接:http://www.kb.cert.org/vuls/id/205766

来源: BID
名称: 10414
链接:http://www.securityfocus.com/bid/10414

来源: XF
名称: openview-select-gain-access(16247)
链接:http://xforce.iss.net/xforce/xfdb/16247

来源: HP
名称: SSRT4719
链接:http://www.securityfocus.com/advisories/6774