Security Vulnerability Stack Overflow with ZDM7 Remote Management
This document (7007339) is provided subject to the disclaimer at the end of this document.
A Security Vulnerability exists in ZDM7 code which allows remote attackers to execute arbitrary code which can be made to overflow a stack buffer. This can be abused by an attacker to execute remote code under the context of the system user.
Fixed in ZENworks 7 Desktop Management Service Pack 1 Interim Release 4 Hot Patch 5, see TID 3484245 "Updates to Novell ZENworks 7 Desktop Management" which can be found at https://www.novell.com/support
This issue was reported by Tippingpoint Corporation as ZDI-CAN-751 and was discovered by * sb.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7007339
- Creation Date:08-DEC-10
- Modified Date:30-APR-12
- NovellZENworks Desktop Management
Did this document solve your problem? Provide Feedback