Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability Network Vulnerability

Summary

This host is installed with Novell File Reporter and is prone to arbitrary file deletion vulnerability.

Impact

Successful exploitation could allow remote attackers to delete arbitrary files. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

The flaw is due to an error in the NFR Agent (NFRAgent.exe) when handling 'OPERATION' and 'CMD' commands in the 'SRS' tag and can be exploited to delete arbitrary files via a specially crafted SRS request sent to TCP port 3073.

Affected

Novell File Reporter (NFR) before 1.0.4.2

References

http://aluigi.org/adv/nfr_2-adv.txt
http://secunia.com/advisories/45071
http://www.securityfocus.com/archive/1/archive/1/518632/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2750
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability
VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Windows)
Cyrus IMAP Server SIEVE Script Handling Buffer Overflow Vulnerability
VLC Media Player '.RM' File BOF Vulnerability (Windows)
NTP 'ntpd' Autokey Stack Overflow Vulnerability

Take action and discover your vulnerabilities