NFR Agent FSFUI Record Arbitrary Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent FSFUI Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...

NFR Agent FSFUI Record File Upload RCE

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Directory traversal

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. dot dot in a FILE element of an FSFUI record...

CVE-2012-4959

CVE-2012-4959 affects Novell File Reporter NFRAgent.exe (1.0.2) via directory traversal in FSF/CMD handling of FSFUI records (UICMD 130), enabling remote upload and execution of arbitrary files. Connected data corroborates exploitation in Metasploit modules for NFR Agent 1.0.3/1.0.4.x and public ...

NFR Agent FSFUI Record File Upload Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'NFR Agent FSFUI Record File Upload...