Published: 18/11/2012 Updated: 19/11/2012

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell file reporter 1.0.2

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Re ...

# wwwwabyssseccom # Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability (0day) # CVE-2012-4959 # @abysssec # well just one more of our 0day got published after ~2 year # here is info : communityrapid7com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959 # and here is our exploit ...

Novell File Reporter agent XML parsing remote code execution exploit ...

NFRAgentexe, a component of Novell File Reporter (NFR), allows remote attackers to upload arbitrary files via a directory traversal while handling requests to /FSF/CMD with FSFUI records with UICMD 130 This Metasploit module has been tested successfully against NFR Agent 1043 (File Reporter 102) and NFR Agent 10322 (File Reporter 101) ...

CWE-22 https://community.rapid7.com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959 http://www.kb.cert.org/vuls/id/273371 https://nvd.nist.gov https://www.exploit-db.com/exploits/22787/https://www.kb.cert.org/vuls/id/273371

CVE-2012-4959

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect