Directory Traversal Vulnerability in Novell Sentinel Log Manager
CVE-2011-5028

Currently unrated

Key Information:

Vendor

Novell
Status
Sentinel Log Manager
Vendor
CVE Published:
29 December 2011

What is CVE-2011-5028?

The vulnerability in Novell Sentinel Log Manager arises from a directory traversal issue in the FileDownload component. This flaw allows remote authenticated users to access arbitrary files on the server by manipulating the filename parameter with a '..' (dot dot) sequence. As a result, sensitive files may be exposed, posing a significant risk to data security. Proper input validation and restricting file access permissions are crucial to preventing the exploitation of this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1026437
vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/47258
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/77948
vdb-entryx_refsource_OSVDB

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.