Novell ZENworks Asset Management Arbitrary Files Disclosure Vulnerability

Last Update Date: 19 Oct 2012 09:55 Release Date: 19 Oct 2012 4745 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability has been identified in Novell ZENworks Asset Management. A remote user can view arbitrary files on the target system.

 

A remote user can use hard-coded credentials when invoking a maintenance function to read files on the target system with System privileges. The HandleMaintenanceCalls() function accepts a username of 'Ivanhoe' and password of 'Scott'.

 

Note: No vendor patch is available.

Impact

  • Information Disclosure

System / Technologies affected

  •  Version 7.5

Solutions

  • Note: No vendor patch is available.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Oracle Java Multiple Vulnerabilities

18 Oct 2012 5250 Views

Next

HP-UX Java Multiple Vulnerabilities

22 Oct 2012 4604 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY