Detections
Analytics
Novell ZENworks Configuration Management < 10 SP3 Multiple Flaws
critical Nessus Plugin ID 45569
Language:
Synopsis
The remote Windows host contains an application that is affected by multiple vulnerabilities.Description
ZENworks Configuration Management, a configuration management software from Novell, is installed on the remote Windows host.According to its version, it is affected by several vulnerabilities :
- An unspecified vulnerability in ZCM Preboot Service may allow an attacker to execute arbitrary code on the remote system. (TID 7005572)
- An unspecified vulnerability in ZCM Remote Execution may allow an attacker to execute arbitrary code on the remote system. (TID 7005573)
Solution
Upgrade to ZENworks 10 Configuration Management SP3 (10.3) or later.See Also
https://support.microfocus.com/kb/doc.php?id=7005572
https://support.microfocus.com/kb/doc.php?id=7005573
Plugin Details
Severity: Critical
ID: 45569
File Name: novell_zcm_10_3.nasl
Version: 1.15
Type: local
Agent: windows
Family: Windows
Published: 4/19/2010
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:novell:zenworks_configuration_management
Required KB Items: SMB/Novell/ZENworks/Installed
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/30/2010
Vulnerability Publication Date: 3/30/2010
Exploitable With
Metasploit (Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow)
Elliot (Novell ZENworks Configuration Management File Upload)
Reference Information
Secunia: 39212