Novell ZENworks Configuration Management Multiple Security Vulnerabilities
BID:52659
Info
Novell ZENworks Configuration Management Multiple Security Vulnerabilities
| Bugtraq ID: | 52659 |
| Class: | Input Validation Error |
| CVE: |
CVE-2011-3175 CVE-2011-3176 CVE-2012-2215 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 21 2012 12:00AM |
| Updated: | Mar 13 2013 05:25PM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
Novell ZENworks Configuration Management 11.1A Novell ZENworks Configuration Management 11.1 |
| Not Vulnerable: |
Novell ZENworks Configuration Management 11.2 |
Discussion
Novell ZENworks Configuration Management Multiple Security Vulnerabilities
Novell ZENworks Configuration Management is prone to following vulnerabilities:
1. A stack-based buffer-overflow vulnerability
2. An arbitrary file download vulnerability
Exploiting these issues may allow remote attackers to execute arbitrary code or retrieve arbitrary files within the context of the affected application.
Novell ZENworks Configuration Management is prone to following vulnerabilities:
1. A stack-based buffer-overflow vulnerability
2. An arbitrary file download vulnerability
Exploiting these issues may allow remote attackers to execute arbitrary code or retrieve arbitrary files within the context of the affected application.
Exploit / POC
Novell ZENworks Configuration Management Multiple Security Vulnerabilities
The following exploit codes are available:
The following exploit codes are available:
Solution / Fix
Novell ZENworks Configuration Management Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references for details.
Solution:
Updates are available. Please see the references for details.
References
Novell ZENworks Configuration Management Multiple Security Vulnerabilities
References:
References: