44 matches found
EUVD-2012-5804
Malware in sbrugna...
EUVD-2020-4202
Malware in sbrugna...
EUVD-2017-16461
Malware in sbrugna...
EUVD-2017-16462
Malware in sbrugna...
EUVD-2012-5805
Malware in sbrugna...
CVE-2012-5931
Directory traversal vulnerability in the setlogconfig function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname...
CVE-2012-5930
The pamodifyaccounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request...
CVE-2012-5932
Eval injection vulnerability in the ldapagnteval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request...
CVE-2020-11862
CVE-2020-11862 is an allocation of resources without limits or throttling affecting OpenText NetIQ Privileged Account Manager prior to version 3.7.0.2. The vulnerability arises from unrestricted resource allocation in the PAM app, enabling a potential denial of service via resource exhaustion. Af...
CVE-2017-7438
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter...
Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnt_eval() Perl Code Evaluation RCE
No description provided by source. Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnteval Perl Code Evaluation RCE pre auth/SYSTEM Tested against: Microsoft Windows 2003 r2 sp2 download url: http://download.novell.com/index.jsp search Privileged User Manager file tested:...
NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require...
NetIQ Privileged User Manager regclnt.dll Directory Traversal
According to the self-reported version of the NetIQ Privileged User Manager 'registry agent' package, the NetIQ Privileged User Manager 'setlogconfig' function in regclnt.dll is affected by a directory traversal flaw that can be exploited to read or write arbitrary files by sending a specially...
CVE-2012-5932
Eval injection vulnerability in the ldapagnteval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request...
CVE-2012-5930
The pamodifyaccounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request...
CVE-2012-5931
Directory traversal vulnerability in the setlogconfig function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname...
Directory traversal
Directory traversal vulnerability in the setlogconfig function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname...
Cross site request forgery (csrf)
The pamodifyaccounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request...
Sql injection
Eval injection vulnerability in the ldapagnteval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request...
CVE-2012-5931
CVE-2012-5931 is a directory traversal vulnerability affecting NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2. The flaw exists in the set_log_config function of regclnt.dll (unifid.exe) and allows remote authenticated users to create or overwrite arbitrary files via crafted log pathnames. I...