Detections
Analytics

Novell NetIQ Sentinel Agent Manager NQMcsVarSet ActiveX DumpToFile() Remote Code Execution

medium Nessus Plugin ID 74261

Language:

Synopsis

The remote Windows host has an ActiveX control that is affected by a remote code execution vulnerability.

Description

The remote host contains the NQMcsVarSet ActiveX control distributed with Novell NetIQ Sentinel Agent Manager.

The installed control is reportedly affected by a remote code execution vulnerability with the DumpToFile method where it does not properly sanitize the path for a filename. This could allow a remote attacker, with a specially crafted file or site, to traverse the directories to execute arbitrary code.

Solution

Update Novell NetIQ Sentinel Agent Manager to version 7.2 or later, or ensure the kill bit has been set for the NQMcsVarSet ActiveX Control.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-14-134/

https://support.microfocus.com/kb/doc.php?id=7015183

Plugin Details

Severity: Medium

ID: 74261

File Name: novell_netiq_activex_nqmcsvarset.nasl

Version: 1.5

Type: local

Agent: windows

Family: Windows

Published: 6/2/2014

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:netiq:sentinel_agent_manager

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 5/19/2014

Reference Information

CVE: CVE-2014-3460

BID: 67487