Summary
The host is running Novell NetIQ Privileged User Manager and is prone to a remote code execution vulnerability.
Impact
Successful exploitation will allow attackers to execute Perl code and change administrative credentials.
Impact Level: System/Application
Solution
Apply NetIQ Privileged User Manager 2.3.1 HF2 (2.3.1-2) or later, http://download.novell.com/protected/Summary.jsp?buildid=K6-PmbPjduA~
Insight
The flaws are due to an error in the 'ldapagnt' and 'auth' modules, which do not restrict access to certain methods. This can be exploited to execute Perl code by passing arbitrary arguments to the Perl 'eval()' function via HTTP POST requests, and an attacker can change administrative credentials using the 'modifyAccounts()' function via HTTP POST requests.
Affected
Novell NetIQ Privileged User Manager 2.3.0 and 2.3.1
References
Severity
Classification
CVE: CVE-2012-5930, CVE-2012-5931, CVE-2012-5932
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C