Novell Client NWGINA.DLL User Profile Security Bypass Vulnerability
BID:21886
Info
Novell Client NWGINA.DLL User Profile Security Bypass Vulnerability
| Bugtraq ID: | 21886 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 05 2007 12:00AM |
| Updated: | Jan 08 2007 05:06PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Novell Client 4.91 SP3 |
| Not Vulnerable: | |
Discussion
Novell Client NWGINA.DLL User Profile Security Bypass Vulnerability
Novell Client is prone to a security-bypass vulnerability.
A remote authenticated attacker can exploit this issue to invoke another users profiles in a Citrix environment. This may lead to other attacks.
This issue affects version 4.93 SP3.
Novell Client is prone to a security-bypass vulnerability.
A remote authenticated attacker can exploit this issue to invoke another users profiles in a Citrix environment. This may lead to other attacks.
This issue affects version 4.93 SP3.
Exploit / POC
Novell Client NWGINA.DLL User Profile Security Bypass Vulnerability
To exploit this issue, an attacker requires authenticated access to a vulnerable application.
To exploit this issue, an attacker requires authenticated access to a vulnerable application.
Solution / Fix
Novell Client NWGINA.DLL User Profile Security Bypass Vulnerability
Solution:
The vendor has released an update to address this issue. Please see the references for more information.
Solution:
The vendor has released an update to address this issue. Please see the references for more information.
References
Novell Client NWGINA.DLL User Profile Security Bypass Vulnerability
References:
References: