CVE-2014-4509CVE-2014-4509

Affected configuration(s):

cpe:/a:novell:identity_manager:4.0.2

Date published: 2014-06-21T11:55:05.417-04:00

Date last modified: 2017-01-06T22:00:21.803-05:00

CVSS Score: 4.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://download.novell.com/Download?buildid=5XLmBl54_Rg~

Summary: The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *