Novell.File.Reporter.Agent.Arbitrary.File.Delete
Description
This indicates an attack attempt to exploit an Access Control vulnerability in Novell File Reporter.
The vulnerability is due to an design error when the vulnerable software handles a HTTP request. Remote attackers may be able to exploit this to delete arbitrary file through the vulnerable software.
Affected Products
Novell File Reporter version 1.0.1
Novell File Reporter version 1.0.1.1
Novell File Reporter version 1.0.2
Novell File Reporter version 1.0.4.2 and prior
Impact
Privilege Escalation: Remote attacker could delete any arbitrary file on the remote system and shares with SYSTEM privileges
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |