APP: Novell File Reporter FSFUI Arbitrary File Retrieval

This signature detects attempts to exploit a known vulnerability in Novell File Reporter. The vulnerability is caused by insufficient authentication when handling SRS requests. A remote unauthenticated attacker could exploit it by sending a specially crafted request to the server. Successful exploitation could result in arbitrary file retrieval with SYSTEM privileges.

Extended Description

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

Affected Products

Novell file_reporter

References

CVE: CVE-2012-4958

Short Name: SSL:NOVELL-REPORTER-FSFUI
Severity: Critical
Recommended: False
Recommended Action: Drop
Category: SSL
Keywords: Arbitrary CVE-2012-4958 FSFUI File Novell Reporter Retrieval
Release Date: 08/05/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

Novell

CVSS Score

7.8
