Novell iManager getMultiPartParameters file upload vulnerability

Added: 10/11/2010
BID: 43635
OSVDB: 68320

Background

Novell iManager is a web-based management interface for other Novell products.

Problem

The getMultiPartParameters function in the nps.jar web application in Novell iManager allows remote attackers to upload arbitrary files to the server. By uploading a script file to a web-accessible location on the server, this vulnerability can result in remote command execution.

Resolution

Apply the patch referenced in Novell document 7006515.

References

http://www.zerodayinitiative.com/advisories/ZDI-10-190/

Limitations

Exploit works on Novell iManager 2.7.3.

If successful, this exploit creates a web application called exploit.war on the target.

Because it takes time for the target to deploy the web application sent by the exploit, there may be a delay before the exploit succeeds.

Platforms

Windows

Back to exploit index