Full title: NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution 
Category: remote exploits
Platform: windows
his Metasploit module abuses a lack of authorization in the NetIQ Privileged User Manager service (unifid.exe) to execute arbitrary perl code. The problem exists in the ldapagnt module. The module has been tested successfully on NetIQ PUM 2.3.1 over Windows 2003 SP2, which allows to execute arbitrary code with SYSTEM privileges.

# 0day.today @ http://0day.today/