3 matches found
Novell ZENworks Configuration Management TFTPD Heap Buffer Overflow (CVE-2010-4323)
Novell ZENworks Configuration Management is an IT desktop computer management suite that is based on a client/server architecture. A management server collects and sends data of managed assets by communicating with client applications installed on computers, or via other management protocols. A...
ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability
ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-089 February 17, 2011 -- CVE ID: CVE-2010-4323 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell Zenworks -- TippingPointTM IPS...
CVE-2010-4323
This CVE concerns the Novell Zenworks Configuration Manager TFTPD daemon (novell-tftp.exe). A heap-based buffer overflow in TFTPD’s request parsing allows remote code execution via crafted UDP requests sent to port 69. The vulnerability affects ZCM versions including 10.3.1, 10.3.2, 11.0 and earl...