Novell Sentinel Log Manager 'filename' Parameter Directory Traversal Vulnerability

Bugtraq ID:	51104
Class:	Input Validation Error
CVE:	CVE-2011-5028
Remote:	Yes
Local:	No
Published:	Dec 18 2011 12:00AM
Updated:	Feb 08 2012 05:10PM
Credit:	Andrea Fabrizi
Vulnerable:
Not Vulnerable:

Novell Sentinel Log Manager 'filename' Parameter Directory Traversal Vulnerability

Sentinel Log Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Successfully exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

Sentinel Log Manager versions 1.2.0.1 and prior are vulnerable.

Novell Sentinel Log Manager 'filename' Parameter Directory Traversal Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/novelllogmanager/FileDownload?filename=/opt/novell/sentinel_log_mgr/3rdparty/tomcat/temp/../../../../../../etc/passwd

Novell Sentinel Log Manager 'filename' Parameter Directory Traversal Vulnerability

Solution:
Vendor updates are available. Please see the references for more information.

Novell Sentinel Log Manager 'filename' Parameter Directory Traversal Vulnerability

References:

• Sentinel Log Manager 1.2.0.2 (1.2 Hot Fix 2) (Novell)
  
• Sentinel Log Manager Homepage (Novell)