Affected configuration(s):


Date published: 2014-06-21T11:55:05.417-04:00

Date last modified: 2017-01-06T22:00:21.803-05:00

CVSS Score: 4.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL:

Summary: The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.