NetIQ Privileged User Manager unifid.exe regclnt.dll set_log_config函数目录遍历漏洞
发布日期:2012-12-24
更新日期:2012-12-27
受影响系统:netiq Privileged User Manager
描述:
CVE(CAN) ID:
CVE-2012-5931
NetIQ Privileged User Manager是安全访问UNIX、Linux和Windows系统的解决方案。
NetIQ Privileged User Manager 2.3.1 HF2之前版本的2.3.x内unifid.exe regclnt.dll set_log_config函数存在目录遍历漏洞,允许经过身份验证的远程用户利用该漏洞,创建或覆盖任意文件。
<*来源:Andrea Micalizzi
链接:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5931
https://www.netiq.com/support/kb/doc.php?id=7011385
*>
建议:
临时解决方法:
手动编辑下面的文件:
UNIFI_ROOT/service/local/auth/module.xml
From:
<Method name="modifyAccounts" svc="pa_modify_accounts" master="1"/>
To:
<Method name="modifyAccounts" svc="pa_modify_accounts" role.0="admin"
role.1="helpdesk" master="1"/>
UNIFI_ROOT/service/local/ldapagnt/module.xml
From:
<Method name="eval" svc="ldapagnt_eval" />
To:
<Method name="eval" svc="ldapagnt_eval" role="admin"/>
厂商补丁:
netiq
-----
netiq已经为此发布了一个安全公告(7011385)以及相应补丁:
7011385:Security Vulnerability: NetIQ Privileged User Manager Remote Code Execution Vulnerability
链接:
https://www.netiq.com/support/kb/doc.php?id=7011385
补丁下载:
http://download.novell.com/patch/finder/浏览次数:3913
严重程度:0(网友投票)
