Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability

This document (7003640) is provided subject to the disclaimer at the end of this document.

Environment

Novell Privileged User Manager 2.2.0

Situation

Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability

Unauthenticated remote attackers could exploit this vulnerability and execute arbitrary code on systems running vulnerable versions of Novell Privileged User Manager.

Vulnerable versions are
Novell Privileged User Manager 2.2.0

Resolution

This problem is resolved by applying the following patch:

Novell Privileged User Manager Framework Patch version 2.2.0 (Rev:15198)

This patch is located at https://download.novell.com

Status

Security Alert

Additional Information

This vulnerability was discovered by:
    * Stephen Fewer of Harmony Security (www.harmonysecurity.com) through TippingPoint and the Zero Day Initiative.

http://www.zerodayinitiative.com/advisories/ZDI-CAN-493.html

ZDI-CAN-493:  Novell Privileged User Manager Remote Library Injection Vulnerability

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7003640
  • Creation Date:25-JUN-09
  • Modified Date:26-APR-12
    • NetIQPrivileged User Manager

Did this document solve your problem? Provide Feedback