Novell Home

My Favorites

Close

Please to see your favorites.

Security Vulnerability with ZCM Remote Execution

This document (7005573) is provided subject to the disclaimer at the end of this document.

Environment

Novell ZENworks 10 Configuration Management Remote Management

Situation

A security vulnerability exists with  Novell ZENworks Configuration Management Remote Management - Remote Code Execution which could allow remote attackers to execute arbitrary code.

Resolution

This is fixed in version 10.3 - see TID 7005455 "ZENworks Configuration Management SP3 (10.3) - update information and list of fixes" which can be found at http://www.novell.com/support

Status

Security Alert

Additional Information

This was reported as ZDI-CAN-678 by TippingPoint Corporation.   This vulnerability was discovered by: Stephen Fewer of Harmony Security.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7005573
  • Creation Date:30-MAR-10
  • Modified Date:27-APR-12
    • NovellZENworks Configuration Management

Did this document solve your problem? Provide Feedback