7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.954 High
EPSS
Percentile
99.4%
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.
secunia.com/advisories/43379
securityreason.com/securityalert/8092
securityreason.com/securityalert/8094
www.novell.com/support/viewContent.do?externalId=7007896
www.securityfocus.com/archive/1/516524/100/0/threaded
www.securityfocus.com/bid/46434
www.securitytracker.com/id?1025092
www.vupen.com/english/advisories/2011/0425
www.zerodayinitiative.com/advisories/ZDI-11-089
exchange.xforce.ibmcloud.com/vulnerabilities/65438