CVE-2008-3539: Infoleak
First published: Wed Sep 10 2008(Updated: )
Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Hpsi Acf2 Connector | <=1.02 | |
| Hp Hpsi Active Directory Connector | <=1.70.003 | |
| Hp Hpsi Active Directory Connector | <=2.10.002 | |
| Hp Hpsi Active Directory Connector | <=2.20 | |
| Hp Hpsi Active Directory Connector | <=2.30 | |
| Hp Hpsi Bidir Dirx Connector | <=1.00.003 | |
| Hp Hpsi Edirectory Connector | <=1.12 | |
| Hp Hpsi Etrust Connector | <=1.02 | |
| Hp Hpsi Oid Connector | <=1.02 | |
| OpenLDAP | <=1.02 | |
| Hp Hpsi Racf Connector | <=1.12.001 | |
| Hp Hpsi Sunone Connector | <=1.14 | |
| Hp Hpsi Topsecret Connector | <=2.22.001 | |
| Hp Ibm Tivoli Dir Connector | <=1.02 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/31764
- http://www.securityfocus.com/bid/31024
- http://securitytracker.com/id?1020821
- http://marc.info/?l=bugtraq&m=122062779731581&w=2
- http://securityreason.com/securityalert/4236
- http://www.vupen.com/english/advisories/2008/2501
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44916
Frequently Asked Questions
What is the severity of CVE-2008-3539?
CVE-2008-3539 has not been assigned a standard severity rating, but it affects multiple HP OpenView Select Identity Connectors.
How do I fix CVE-2008-3539?
To mitigate CVE-2008-3539, upgrade all affected HP OpenView Select Identity Connectors to versions beyond those listed in the vulnerability description.
Which software is affected by CVE-2008-3539?
CVE-2008-3539 affects various versions of HP OpenView Select Identity Connectors including the Active Directory Connector, eDirectory Connector, and others up to specified versions.
When was CVE-2008-3539 disclosed?
CVE-2008-3539 was disclosed in 2008 and involves vulnerabilities in HP's identity management software.
What potential risks does CVE-2008-3539 pose?
CVE-2008-3539 may lead to unauthorized access or manipulation of identity information within the affected Connectors.
- collector/nvd-historical
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/hp
- canonical/hp hpsi acf2 connector
- version/hp hpsi acf2 connector/1.02
- canonical/hp hpsi active directory connector
- version/hp hpsi active directory connector/1.70.003
- version/hp hpsi active directory connector/2.10.002
- version/hp hpsi active directory connector/2.20
- version/hp hpsi active directory connector/2.30
- canonical/hp hpsi bidir dirx connector
- version/hp hpsi bidir dirx connector/1.00.003
- canonical/hp hpsi edirectory connector
- version/hp hpsi edirectory connector/1.12
- canonical/hp hpsi etrust connector
- version/hp hpsi etrust connector/1.02
- canonical/hp hpsi oid connector
- version/hp hpsi oid connector/1.02
- canonical/openldap
- version/openldap/1.02
- canonical/hp hpsi racf connector
- version/hp hpsi racf connector/1.12.001
- canonical/hp hpsi sunone connector
- version/hp hpsi sunone connector/1.14
- canonical/hp hpsi topsecret connector
- version/hp hpsi topsecret connector/2.22.001
- canonical/hp ibm tivoli dir connector
- version/hp ibm tivoli dir connector/1.02
- vendor/microsoft
- canonical/microsoft windows