Opentext Documentum Content Server File Hijack / Privilege Escalation

Opentext Documentum Content Server File Hijack / Privilege Escalation

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation. Source: Opentext Documentum […]

The post Opentext Documentum Content Server File Hijack / Privilege Escalation appeared first on MondoUnix.