Security Vulnerability with ZCM Remote Execution
This document (7005573) is provided subject to the disclaimer at the end of this document.
Environment
Novell ZENworks 10 Configuration Management Remote Management
Situation
A security vulnerability exists with Novell ZENworks Configuration Management Remote Management - Remote Code Execution which could allow remote attackers to execute arbitrary code.
Resolution
This is fixed in version 10.3 - see TID 7005455 "ZENworks Configuration Management SP3 (10.3) - update information and list of fixes" which can be found at http://www.novell.com/support
Status
Security AlertAdditional Information
This was reported as ZDI-CAN-678 by TippingPoint Corporation. This vulnerability was discovered by: Stephen Fewer of Harmony Security.
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7005573
- Creation Date:30-MAR-10
- Modified Date:27-APR-12
- NovellZENworks Configuration Management
Did this document solve your problem? Provide Feedback