Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2654

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-2654
Last Modified 05 Oct 2011 10:50:22
Published 06 Sep 2011 11:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2654

Summary

The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session.

Vulnerable Systems

Application

  • Novell Cloud Manager 1.1.2


References

MISC - http://zerodayinitiative.com/advisories/ZDI-11-278/

SECTRACK - 1026006

BID - 49432

SECUNIA - 45845

CONFIRM - http://download.novell.com/Download?buildid=NSONlV5PqMo~


Last Updated: 27 May 2016 10:57:04