Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:NOVELL:ZENWORKS-DIR-TRAV
Severity	Major
Recommended	No
Recommended Action	Drop
Category	APP
Keywords	Novell ZENworks Configuration Management PreBoot Directory Traversal
Release Date	2014/05/09
Update Number	2373
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Novell ZENworks Configuration Management PreBoot Directory Traversal

This signature detects directory traversal attempts on Novell ZENworks Configuration Management. Successful attack attempts could allow an attacker to view sensitive system files.

Extended Description

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

Affected Products

Novell zenworks_configuration_management 11.2

References

BugTraq: 65912
CVE: CVE-2013-3706

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: Novell ZENworks Configuration Management PreBoot Directory Traversal

Extended Description

Affected Products

References