ZCM PreBoot Service Information Disclosure Vulnerability - CVE-2013-3706
This document (7014663) is provided subject to the disclaimer at the end of this document.
First, the relative path passed into the function is appended to the base path. That base path contains both 'preboot' and 'update', meaning that the additional checks can never fail. Second, there is no guard against the path traversal using '..' in the path. Together, these issues mean that arbitrary file download is possible without credentials.
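The two flaws described above, modelled as an added example (this is not Novell's code): it assumes the additional checks are substring tests for 'preboot' and 'update', and the base directory and request paths are constructed for illustration. The hardened variant canonicalises the joined path and requires it to stay under the base directory.

```python
import posixpath

# Hypothetical base directory (constructed for this example). Like the base
# path the advisory describes, it contains both 'preboot' and 'update'.
BASE = "/srv/zenworks/preboot/update"


def resolve_flawed(relative):
    """Model of the flawed logic: append first, then check the joined path."""
    full = BASE + "/" + relative
    # Assumed substring checks: both strings come from BASE itself, so this
    # condition is true for every request and filters nothing.
    if "preboot" in full and "update" in full:
        return full  # '..' segments are never examined
    return None


def resolve_hardened(relative):
    """Canonicalise the joined path, then require it to stay under BASE."""
    if "\x00" in relative or relative.startswith("/"):
        return None
    # normpath keeps the example filesystem-independent; on a real server
    # os.path.realpath would also resolve symlinks before the comparison.
    full = posixpath.normpath(posixpath.join(BASE, relative))
    # The trailing separator stops sibling directories such as
    # '.../update-old' from passing a plain prefix comparison.
    if full != BASE and not full.startswith(BASE + "/"):
        return None
    return full


def effective_target(path):
    """Path the filesystem would actually open once '..' is collapsed."""
    return posixpath.normpath(path) if path else None


if __name__ == "__main__":
    # Constructed sample requests: one legitimate, two that leave BASE.
    for req in ("images/boot.img", "../../../conf/secret.cfg", "../update-old/x"):
        print(req, "->", effective_target(resolve_flawed(req)),
              "|", resolve_hardened(req))
```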
This vulnerability was discovered by Mak Kolybabi and provided by HP's Zero Day Initiative.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID: 7014663
- Creation Date: 28-FEB-14
- Modified Date: 10-MAR-14
- Novell ZENworks Configuration Management