Directory Traversal Vulnerability in Novell Sentinel Log Manager 1.2.0.1_938 and Earlier

Directory Traversal Vulnerability in Novell Sentinel Log Manager 1.2.0.1_938 and Earlier

CVE-2011-5028 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.

Learn more about our User Device Pen Test.