Novell ZENworks Desktop Management Code Execution Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in Novell ZENworks Desktop Management, which could be exploited by remote attackers to take complete control of a vulnerable system.
1. An uninitialized pointer in the "ZenRem32.exe" process when handling incoming connections to port 1761, which could be exploited by remote unauthenticated attackers to execute arbitrary code with elevated privileges.
2. A buffer overflow error in the "ZenRem32.exe" process when handling the Console DN field of incoming requests sent to port 1761, which could be exploited by remote unauthenticated attackers to execute arbitrary code with elevated privileges.
3. A buffer overflow error in the tftpd server component when handling the filename in a Read Request (0x01) packet type sent to port 69/UDP, which could be exploited by remote unauthenticated attackers to execute arbitrary code with elevated privileges.
Impact
- Remote Code Execution
System / Technologies affected
- Novell ZENworks 7 Desktop Management versions prior to Service Pack 1 Interim Release 4 Hot Patch 5
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply Service Pack 1 Interim Release 4 Hot Patch 5 :
http://www.novell.com/support
Vulnerability Identifier
- No CVE information is available
Source
Related Link
- http://www.vupen.com/english/advisories/2010/3234
- http://www.novell.com/support/viewContent.do?externalId=7007320
- http://www.novell.com/support/viewContent.do?externalId=7007321
- http://www.novell.com/support/viewContent.do?externalId=7007339
- http://www.zerodayinitiative.com/advisories/ZDI-10-285/
- http://www.zerodayinitiative.com/advisories/ZDI-10-284/
- http://www.zerodayinitiative.com/advisories/ZDI-10-283/
Share with