Novell NetIQ Privileged User Manager modifyAccounts Policy Bypass

A policy bypass vulnerability has been reported in Novell NetIQ Privileged User Manager. The vulnerability is due to an access control weakness when handling a modifyAccounts request. A remote, unauthenticated attacker could exploit this flaw by sending a malicious request to a vulnerable server...

Novell NetIQ Privileged User Manager modifyAccounts Security Bypass

Added: 12/07/2012 BID: 56535 OSVDB: 87335 Background Novell NetIQ Privileged User Manager NPUM allows IT administrators to work on systems without exposing superuser administrator or supervisor passwords or root-account credentials to the administrator. Problem NetIQ Privileged User Manager 2.3.1...