cpe:/a:novell:sentinel_log_manager:1.2.0.1_938 CVE-2011-5028 2011-12-29T17:55:01.500-05:00 2017-08-28T21:30:38.927-04:00 4.0 NETWORK LOW SINGLE_INSTANCE PARTIAL NONE NONE http://nvd.nist.gov 2011-12-30T09:28:00.000-05:00 SECTRACK 1026437 FULLDISC 20111218 Novell Sentinel Log Manager <=1.2.0.1 Path Traversal SECUNIA 47258 SECUNIA 48760 OSVDB 77948 CONFIRM http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5138757.html XF novell-filedownload-dir-traversal(71861) Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.