Published: 24/12/2012 Updated: 13/04/2021

CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8

VMScore: 555

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microfocus privileged user manager 2.3.1
microfocus privileged user manager 2.3.0

Novell NetIQ Privileged User Manager 231 authdll pa_modify_accounts() Remote Code Execution (pre auth / SYSTEM privileges) Tested against: Microsoft Windows 2003 r2 sp2 download url: downloadnovellcom/indexjsp (search "Privileged User Manager") file tested: NetIQ-PUM-231iso (decompress and launch netiq_pum_manager_231_x86msi) ...

CWE-22 https://www.netiq.com/support/kb/doc.php?id=7011385 http://download.novell.com/Download?buildid=K6-PmbPjduA~http://retrogod.altervista.org/9sg_novell_netiq_i_adv.htm https://nvd.nist.gov https://www.exploit-db.com/exploits/22737/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5931

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect