Environment
NetIQ Privileged User Manager 2.3.0
NetIQ Privileged User Manager 2.3.1
Situation
Privileged User Manager is vulnerable to an exploit whereby an attacker could, without prior authentication, change the password of the admin user and/or execute a Perl script with SYSTEM privileges.
Resolution
To resolve this issue, apply NetIQ Privileged User Manager 2.3.2 or later.
All versions of Privileged User Manager are affected by this vulnerability.
Customers using earlier versions of Privileged User Manager should upgrade their software to at least version 2.3.2 in order to fully secure their system.
A short-term alternative is to manually edit the following files so that the two affected methods are restricted to named roles:
UNIFI_ROOT/service/local/auth/module.xml
From:
<Method name="modifyAccounts" svc="pa_modify_accounts" master="1"/>
To:
<Method name="modifyAccounts" svc="pa_modify_accounts" role.0="admin"
role.1="helpdesk" master="1"/>
UNIFI_ROOT/service/local/ldapagnt/module.xml
From:
<Method name="eval" svc="ldapagnt_eval" />
To:
<Method name="eval" svc="ldapagnt_eval" role="admin"/>
However, it is advised to update to Privileged User Manager 2.3.2 (or later) as soon as possible.
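As a defender's check for the workaround above, here is an added Python script (not NetIQ's own tooling) that parses module.xml contents and reports the named Method entries that still lack a role or role.N attribute, i.e. the state the advisory describes as exploitable. The <Module> wrapper element and the sample file contents are constructed assumptions; only the Method lines and the UNIFI_ROOT-relative file paths come from the advisory, and the real module.xml may nest Method elements differently, which the recursive search tolerates.

```python
import xml.etree.ElementTree as ET

# Method names the advisory's workaround restricts, keyed by the module file
# (paths relative to UNIFI_ROOT, as named in the advisory).
REQUIRED_RESTRICTIONS = {
    "service/local/auth/module.xml": {"modifyAccounts"},
    "service/local/ldapagnt/module.xml": {"eval"},
}

# Constructed sample module.xml contents. The <Module> wrapper element is an
# assumption made for this example; only the <Method> lines come from the advisory.
AUTH_BEFORE = """<Module>
  <Method name="modifyAccounts" svc="pa_modify_accounts" master="1"/>
</Module>"""
AUTH_AFTER = """<Module>
  <Method name="modifyAccounts" svc="pa_modify_accounts" role.0="admin"
          role.1="helpdesk" master="1"/>
</Module>"""
LDAP_BEFORE = """<Module>
  <Method name="eval" svc="ldapagnt_eval" />
</Module>"""
LDAP_AFTER = """<Module>
  <Method name="eval" svc="ldapagnt_eval" role="admin"/>
</Module>"""


def method_roles(method):
    """Return the role names on a <Method>, from either a 'role' or 'role.N' attribute."""
    return {v for k, v in method.attrib.items() if k == "role" or k.startswith("role.")}


def find_unrestricted(xml_text, watched):
    """Names of watched <Method> elements in xml_text that carry no role attribute at all."""
    root = ET.fromstring(xml_text)
    return [m.get("name") for m in root.iter("Method")
            if m.get("name") in watched and not method_roles(m)]


def audit(module_files):
    """module_files maps a module.xml path to its text; returns {path: [unrestricted names]}.

    A path missing from the input is reported too, since the check cannot vouch for it.
    """
    findings = {}
    for path, watched in REQUIRED_RESTRICTIONS.items():
        if path not in module_files:
            findings[path] = ["<file missing>"]
            continue
        unrestricted = find_unrestricted(module_files[path], watched)
        if unrestricted:
            findings[path] = unrestricted
    return findings


if __name__ == "__main__":
    vulnerable = {"service/local/auth/module.xml": AUTH_BEFORE,
                  "service/local/ldapagnt/module.xml": LDAP_BEFORE}
    patched = {"service/local/auth/module.xml": AUTH_AFTER,
               "service/local/ldapagnt/module.xml": LDAP_AFTER}
    for label, files in (("before workaround", vulnerable), ("after workaround", patched)):
        print(label, "->", audit(files) or "no unrestricted methods found")
```

On a real installation, read each file under UNIFI_ROOT into the dictionary passed to audit(); an empty result means both methods carry a role restriction, which is the workaround state, not a substitute for upgrading to 2.3.2 or later.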
Status
Security Alert
Additional Information
NetIQ credits Andrea Micalizzi (aka rgod) for reporting this flaw.
CVE-2012-5930
CVE-2012-5931
CVE-2012-5932