Posts Tagged ‘privilege’

Opentext Documentum Content Server File Hijack / Privilege Escalation

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation. Source: Opentext Documentum […]


Opentext Documentum Content Server Privilege Escalation

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows any authenticated user the ability to replace content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges. Source: Opentext Documentum Content Server Privilege Escalation