Vulnerabilities > CVE-2006-4803 - Unspecified vulnerability in Netiq Identity Manager 3.0.1

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

netiq

NVD

Published: 2006-09-14

Updated: 2018-09-27

Summary

The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."

Vulnerable Configurations

Part	Description	Count
Application	Netiq Netiq Identity Manager 3.0.1	1

References

http://secunia.com/advisories/21888
http://securitytracker.com/id?1016853
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974421.htm
http://www.securityfocus.com/bid/20016
http://www.vupen.com/english/advisories/2006/3607