CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.5%
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.
Vendor | Product | Version | CPE |
---|---|---|---|
novell | zenworks | 6.5 | cpe:2.3:a:novell:zenworks:6.5:*:*:*:*:*:*:* |
novell | zenworks_desktops | 3.2 | cpe:2.3:a:novell:zenworks_desktops:3.2:sp2:*:*:*:*:*:* |
novell | zenworks_desktops | 4.0 | cpe:2.3:a:novell:zenworks_desktops:4.0:*:*:*:*:*:*:* |
novell | zenworks_desktops | 4.0.1 | cpe:2.3:a:novell:zenworks_desktops:4.0.1:*:*:*:*:*:*:* |
novell | zenworks_remote_management | * | cpe:2.3:a:novell:zenworks_remote_management:*:*:*:*:*:*:*:* |
novell | zenworks_server_management | 6.5 | cpe:2.3:a:novell:zenworks_server_management:6.5:*:*:*:*:*:*:* |
novell | zenworks_servers | 3.2 | cpe:2.3:a:novell:zenworks_servers:3.2:*:*:*:*:*:*:* |
marc.info/?l=bugtraq&m=111645317713662&w=2
secunia.com/advisories/15433
securitytracker.com/id?1014005
support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm
www.rem0te.com/public/images/zen.pdf
www.securityfocus.com/bid/13678
www.vupen.com/english/advisories/2005/0571
exchange.xforce.ibmcloud.com/vulnerabilities/20639
exchange.xforce.ibmcloud.com/vulnerabilities/20644
exchange.xforce.ibmcloud.com/vulnerabilities/20645