Web Application Security
Novell Sentinel Log Manager <= Path Traversal Dec 18 2011 03:25PM
Andrea Fabrizi (andrea fabrizi gmail com)
Vuln: Path Traversal
Application: Sentinel Log Manager
Vendor: Novell
Version affected: <=
Website: http://www.novell.com/products/sentinel-log-manager/
Discovered By: Andrea Fabrizi
Email: andrea.fabrizi (at) gmail (dot) com [email concealed]
Web: http://www.andreafabrizi.it

The latest version of Sentinel Log Manager is prone to a Directory
Traversal, which makes it possible, for Authenticated Users, to access
any system file.

Testing environment: Sentinel Log Manager Appliance

Vulnerable URL:

This list is sponsored by Cenzic
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus