CVSS: 10.0EPSS: 29%CPEs: 3EXPL: 0CVE-2010-0284 – Novell Access Manager Arbitrary File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0284
Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678. Vulnerabilidad de salto de directorio en el método getEntry en el componente PortalModuleInstallManager en un servlet en nps.jar en la Consola de administración (Administration Console, también conocida como Access Management Console) en Novell Access Manager v3.1 anteriores a v3.1.2-281 en Windows, permite a atacantes remotos crear ficheros de su elección con cualquier contenido, y consecuentemente ejecutar código de su elección a través de un .. (punto punto) en un parámetro, también conocido como ZDI-CAN-678. This vulnerability allows remote attackers to upload arbitrary files on vulnerable installations of Novell Access Manager. • http://secunia.com/advisories/40198 http://www.novell.com/support/viewContent.do?externalId=7006255&sliceId=1 http://www.securityfocus.com/bid/40931 http://www.securitytracker.com/id?1024132 http://www.vupen.com/english/advisories/2010/1516 https://exchange.xforce.ibmcloud.com/vulnerabilities/59528 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2009-4878
https://notcve.org/view.php?id=CVE-2009-4878
Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors. Vulnerabilidad no especificada en la Consola de Administración en Novell Access Manager anterior v3.1 SP1 permite a atacantes acceder al sistema de ficheros a través de vectores de ataque desconocidos. • http://secunia.com/advisories/35898 http://www.novell.com/documentation/novellaccessmanager31/accessmanager_readme/data/accessmanager_readme.html http://www.securityfocus.com/bid/35734 http://www.securitytracker.com/id?1022581 http://www.vupen.com/english/advisories/2009/1945 https://exchange.xforce.ibmcloud.com/vulnerabilities/51822 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2009-4879
https://notcve.org/view.php?id=CVE-2009-4879
The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions. El servidor de identidades en Novell Access Manager anterior v3.1 SP1 permite a atacantes con cuenta Active Directory desactivada, autenticarse usando autenticación X.509, que elude las restricciones establecidas • http://www.novell.com/documentation/novellaccessmanager31/accessmanager_readme/data/accessmanager_readme.html http://www.securitytracker.com/id?1022581 • CWE-287: Improper Authentication •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 0CVE-2008-6722
https://notcve.org/view.php?id=CVE-2008-6722
Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache. Novell Access Manager v3 SP4 no expira adecuadamente sesiones certificadas X.509, lo cual permite a atacantes físicamente próximos obtener una sesión validada utilizando un proceso del navegador web de la víctima que continúa enviando el sessionID SSL original y válido, relacionado con la incapacidad de Apache Tomcat de limpiar entradas de la caché de SSL. • http://osvdb.org/49737 http://secunia.com/advisories/32554 http://www.novell.com/support/viewContent.do?externalId=7001788 http://www.securityfocus.com/bid/32121 http://www.vupen.com/english/advisories/2008/3012 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3570
https://notcve.org/view.php?id=CVE-2007-3570
The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request. Linux Access Gateway en Novell Access Manager anterior a 3.0 SP1 Release Candidate 1 (RC1) permite a atacantes remotos evitar controles no especificados de seguridad mediante información Fullwidth/Halfwidth codificada en Unicode en una petición POST de HTTP. • http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_readme.html#ban5hsz http://www.vupen.com/english/advisories/2007/2390 http://www.vupen.com/english/advisories/2007/3075 https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html •