Novell File Reporter Agent FSFUI UICMD 126 Arbitrary File Download

High severity, Nessus Plugin ID 62977

Synopsis

An application running on the remote host has an arbitrary file download vulnerability.

Description

The version of Novell File Reporter Agent running on the remote host has an arbitrary file download vulnerability. A specially crafted POST request to /FSF/CMD for records with a name of FSFUI and a UICMD of 126 could result in arbitrary files being downloaded. A remote, unauthenticated attacker could exploit this to download arbitrary files as root (on Linux targets) or as SYSTEM (on Windows targets).

This version of Novell File Reporter Agent likely has other vulnerabilities, but Nessus has not checked for those issues.

Solution

There is no known solution at this time.

See Also

http://www.nessus.org/u?2d6b6622

Plugin Details

Severity: High

ID: 62977

File Name: novell_file_reporter_agent_download.nasl

Version: 1.9

Type: remote

Family: Misc.

Published: 11/20/2012

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:novell:file_reporter

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/16/2012

Exploitable With

Metasploit (NFR Agent FSFUI Record File Upload RCE)

Reference Information

CVE: CVE-2012-4958

BID: 56579

CERT: 273371