Novell NetIQ Privileged User Manager Security Bypass

Added: 12/03/2012
BID: 56539
OSVDB: 87334

Background

Novell NetIQ Privileged User Manager (NPUM) allows IT administrators to work on systems without exposing superuser (administrator or supervisor) passwords or root-account credentials to the administrator.

Problem

NetIQ Privileged User Manager 2.3.1 and earlier are vulnerable to remote code execution as a result of an error in the ldapagnt_eval() function in the ldapagnt.dll module not restricting access to certain methods.

Resolution

Contact the vendor for a fix.

References

http://secunia.com/advisories/51291/

Limitations

This exploit was tested against Novell Privileged User Manager 2.3.1 on Microsoft Windows Server 2003 SP2 English (DEP OptOut) and Microsoft Windows Server 2008 SP2 (DEP OptOut).

The IO-Socket-SSL PERL module must be installed on the scanning host. This module is available from http://www.cpan.org/modules/by-module/IO/.

Platforms

Windows

Back to exploit index