Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability

  • 7003640
  • 25-Jun-2009
  • 26-Apr-2012

Environment

Novell Privileged User Manager 2.2.0

Situation

Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability

Unauthenticated remote attackers could exploit this vulnerability and execute arbitrary code on systems running vulnerable versions of Novell Privileged User Manager.

Vulnerable versions are
Novell Privileged User Manager 2.2.0

Resolution

This problem is resolved by applying the following patch:

Novell Privileged User Manager Framework Patch version 2.2.0 (Rev:15198)

This patch is located at https://download.novell.com

Status

Security Alert

Additional Information

This vulnerability was discovered by:
    * Stephen Fewer of Harmony Security (www.harmonysecurity.com) through TippingPoint and the Zero Day Initiative.

http://www.zerodayinitiative.com/advisories/ZDI-CAN-493.html

ZDI-CAN-493:  Novell Privileged User Manager Remote Library Injection Vulnerability