Computer Security
[EN] securityvulns.ru no-pyccku


Cloud Manager unaurhozied access
Published:09.09.2011
Source:
SecurityVulns ID:11898
Type:remote
Threat Level:
5/10
Description:Insufficient authentication in RPC-based service.
Affected:NOVELL : Novell Cloud Manager 1.1
CVE:CVE-2011-2654 (The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session.)
Original documentdocumentZDI, ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability (09.09.2011)
Files:Cloud Manager 1.1.X / PlateSpin Orchestrate 2.6.0 Patch3

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod