Novell iManager 'getMultiPartParameters()' Arbitrary File Upload Vulnerability

Bugtraq ID: 43635
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Oct 01 2010 12:00AM
Updated: Oct 19 2010 07:29AM
Credit: Stephen Fewer of Harmony Security working with TippingPoint's Zero Day Initiative
Vulnerable: Novell iManager 2.7.3
Novell iManager 2.7.1
Novell iManager 2.5
Novell iManager 2.0.2
Novell iManager 2.0
Novell iManager 2.7.3.2
Novell iManager 2.7.3 FTF2
Novell iManager 2.7.0
Novell iManager 2.6.0
Not Vulnerable: Novell iManager 2.7.3 FTF3


 

Privacy Statement
Copyright 2010, SecurityFocus