Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a client/server architecture.
An input validation error in the Preboot Service (novell-pbserv.exe) of Novell ZENworks Configuration Management 10.x prior to 10.3 allows remote attackers to execute arbitrary code on the vulnerable system.
Apply the patches referenced in TID 7005455 to upgrade to ZENworks Configuration Management SP3 (10.3).
Exploit works on Novell ZENworks Configuration Management 10.2.0.