Short Name |
APP:NOVELL:ZENWORKS-DIR-TRAV |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Novell ZENworks Configuration Management PreBoot Directory Traversal |
Release Date |
2014/05/09 |
Update Number |
2373 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects directory traversal attempts on Novell ZENworks Configuration Management. Successful attack attempts could allow an attacker to view sensitive system files.
Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.