Novell Zenworks Desktop Management Image Upload Security Bypass Vulnerability
BID:22686
Info
Novell Zenworks Desktop Management Image Upload Security Bypass Vulnerability
| Bugtraq ID: | 22686 |
| Class: | Design Error |
| CVE: |
CVE-2007-1119 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Novell ZENworks Desktop Management 7.ZDM7 SP1 Imaging Novell ZENworks Desktop Management 7.ZDM7 SP1 |
| Not Vulnerable: |
Novell ZENworks Desktop Management 7.ZDM7SP1HP3 |
Discussion
Novell Zenworks Desktop Management Image Upload Security Bypass Vulnerability
Novell Zenworks Desktop Management is prone to a vulnerability that allows attackers to bypass security controls and to upload image files to directories that they normally would not have write access to.
Novell Zenworks Desktop Management version 7 Support Pack 1 - ZDM7 SP1 and ZDM7 SP1 Imaging are vulnerable to this issue.
Novell Zenworks Desktop Management is prone to a vulnerability that allows attackers to bypass security controls and to upload image files to directories that they normally would not have write access to.
Novell Zenworks Desktop Management version 7 Support Pack 1 - ZDM7 SP1 and ZDM7 SP1 Imaging are vulnerable to this issue.
Exploit / POC
Novell Zenworks Desktop Management Image Upload Security Bypass Vulnerability
Attackers can exploit this issue from a bash prompt.
Attackers can exploit this issue from a bash prompt.
Solution / Fix
References
Novell Zenworks Desktop Management Image Upload Security Bypass Vulnerability
References:
References: