Vigil@nce: HP OpenView Select Identity, unauthorized access
July 2008 by Vigil@nce
SYNTHESIS
A remote attacker can use a vulnerability of HP OpenView Select
Identity Active Directory Bidirectional LDAP Connector in order to
access to the system.
Gravity: 3/4
Consequences: user access/rights, data reading
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 22/07/2008
Identifier: VIGILANCE-VUL-7959
IMPACTED PRODUCTS
– Hewlett-Packard OpenView
DESCRIPTION
The bidirectional Active Directory - LDAP connector (BiDir
ActiveDir Connector) of HP OpenView Select Identity (HPSI) is used
to interface directories.
A remote attacker can use a vulnerability of HP OpenView Select
Identity Active Directory Bidirectional LDAP Connector on Windows
in order to access to the system.
Technical details are unknown.
CHARACTERISTICS
Identifiers: c01502023, CVE-2008-1665, HPSBMA02346, SSRT080097, VIGILANCE-VUL-7959