Detections
Analytics

NetIQ Privileged User Manager regclnt.dll Directory Traversal

medium Nessus Plugin ID 63688

Language:

Synopsis

The remote host is running a web application that is affected by a directory traversal vulnerability.

Description

According to the self-reported version of the NetIQ Privileged User Manager 'registry agent' package, the NetIQ Privileged User Manager 'set_log_config' function in regclnt.dll is affected by a directory traversal flaw that can be exploited to read or write arbitrary files by sending a specially crafted POST request.

Note that Nessus did not check for the presence of a workaround.

Solution

Apply NetIQ Privileged User Manager 2.3.1 HF2 (2.3.1-2) or later.

See Also

http://retrogod.altervista.org/9sg_novell_netiq_i_adv.htm

https://support.microfocus.com/kb/doc.php?id=7011385

Plugin Details

Severity: Medium

ID: 63688

File Name: netiq_pum_registry_agent_dir_traversal.nasl

Version: 1.9

Type: remote

Family: CGI abuses

Published: 1/24/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.5

CVSS v2

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P

Vulnerability Information

CPE: cpe:/a:netiq:privileged_user_manager

Required KB Items: www/netiq_pum

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/15/2012

Vulnerability Publication Date: 11/15/2012

Exploitable With

Elliot (Novell NetIQ 2.3.1 RCE)

Reference Information

CVE: CVE-2012-5931

BID: 56535