Security Vulnerability with ZCM Preboot Service
This document (7005572) is provided subject to the disclaimer at the end of this document.
Environment
Novell ZENworks 10 Configuration Management Imaging
Situation
A vulnerability exists with Novell ZENworks Configuration Management Preboot Service that allows remote attackers to execute arbitrary code on certain installations of Novell ZENworks.
Resolution
This is fixed in version 10.3 - see TID 7005455 "ZENworks Configuration Management SP3 (10.3) - update information and list of fixes" which can be found at http://www.novell.com/support
Status
Security AlertAdditional Information
This Issue was reported as ZDI-CAN-679: Novell ZENworks Configuration Management Preboot Service by TippingPoint. This vulnerability was discovered by: Stephen Fewer of Harmony Security
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7005572
- Creation Date:30-MAR-10
- Modified Date:30-APR-12
- NovellZENworks Configuration Management
Did this document solve your problem? Provide Feedback