Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5932

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-5932
Last Modified 08 Jan 2013 12:00:00
Published 24 Dec 2012 01:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5932

Summary

Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request.

Vulnerable Systems

Application

  • Netiq Privileged User Manager 2.3.0

  • Netiq Privileged User Manager 2.3.1


References

CONFIRM - https://www.netiq.com/support/kb/doc.php?id=7011385

MISC - http://retrogod.altervista.org/9sg_novell_netiq_ldapagnt_adv.htm

MISC - http://retrogod.altervista.org/9sg_novell_netiq_ii.htm

CONFIRM - http://download.novell.com/Download?buildid=K6-PmbPjduA~


Last Updated: 27 May 2016 10:57:37