APP: Novell File Reporter SRS Arbitrary File Retrieval

This signature detects attempts to exploit a known vulnerability in Novell File Reporter. The vulnerability is caused by insufficient authentication when handling SRS requests. A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted request to the server. Successful exploitation could result in arbitrary file retrieval with SYSTEM privileges.

Extended Description

Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.

Affected Products

Novell file_reporter

References

CVE: CVE-2012-4957

Short Name: APP:NOVELL:REPORTER-SRS
Severity: Critical
Recommended: False
Recommended Action: Drop
Category: APP
Keywords: Arbitrary CVE-2012-4957 File Novell Reporter Retrieval SRS
Release Date: 08/05/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

Novell

CVSS Score

7.8
