CVE-2006-4506

Name of the Vulnerable Software and Affected Versions Novell Identity Manager (IDM) version 3.0.1

Description The issue allows local users to execute arbitrary commands, possibly involving the use of quote and backslash characters and eval injection in the idmlib.sh script within the nxdrv component.

Recommendations For Novell Identity Manager (IDM) version 3.0.1, consider restricting access to the idmlib.sh script to prevent local users from executing arbitrary commands until a patch is available. Avoid using the quote and backslash characters in the script to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.