SUSE CVE-2016-1607

Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request...

SUSE CVE-2016-1608

vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter...

Novell Filr Command Injection Vulnerability

Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. An operating system command injection vulnerability exists in the vaconfig/time file in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. A remote attacker can exploit this...

CVE-2016-1607

Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request...