Novell NetIQ Privileged User Manager modifyAccounts Policy Bypass
|Check Point Reference:||CPAI-2012-1282|
|Source:||Secunia Advisory SA51291|
|Protection Provided by:||
Who is Vulnerable?
Novell Privileged User Manager 2.3.1
A policy bypass vulnerability has been reported in Novell NetIQ Privileged User Manager. The vulnerability is due to an access control weakness when handling a modifyAccounts request. A remote, unauthenticated attacker could exploit this flaw by sending a malicious request to a vulnerable server. Successful exploitation could result in code execution under the context of SYSTEM.
This protection will detect and block attempts to exploit this vulnerability.
To configure the defense, select your product from the list below and follow the related protection steps.