CVE-2012-5931
NetIQ Privileged User Manager 2.3.x - Authenticated Path Traversal and Arbitrary File Write via Log Pathname
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-5931. PoCs published by rgod.
AI-analyzed exploit summary This exploit targets a pre-authentication vulnerability in Novell NetIQ Privileged User Manager 2.3.1, allowing remote code execution by modifying the admin password via the `pa_modify_accounts()` function in `auth.dll`. It then leverages a post-auth flaw in `regclnt.dll` to write arbitrary files, achieving SYSTEM-level command execution.
Description
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
Exploits (1)
This exploit targets a pre-authentication vulnerability in Novell NetIQ Privileged User Manager 2.3.1, allowing remote code execution by modifying the admin password via the `pa_modify_accounts()` function in `auth.dll`. It then leverages a post-auth flaw in `regclnt.dll` to write arbitrary files, achieving SYSTEM-level command execution.