3 matches found
CVE-2013-3706
The CVE-2013-3706 issue affects Novell ZENworks Configuration Management (ZCM) PreBoot service, specifically ZCM 11.2. The root cause is directory traversal due to improper validation of the preboot update pathname, enabling remote attackers to read arbitrary files via a .. sequence (ZDI-CAN-1595...
Novell ZENworks Configuration Management < 11.3.0.35304 PreBoot Service Directory Traversal
The remote host has a version of Novell ZENworks Configuration Management installed prior to 11 SP3 11.3.0.35304. It is, therefore, affected by a directory traversal vulnerability due to improper validation of an unspecified parameter of the PreBoot Service when reading files. A remote,...
Novell ZENworks Configuration Management目录遍历漏洞
BUGTRAQ ID: 65912 CVECAN ID: CVE-2013-3706 Novell ZENworks Configuration Management是ZENworks系统网关工具中的配置管理解决方案。 Novell ZENworks Configuration Management 11.2版本的PreBoot服务相关输入没有被正确验证即用于读取文件,这可使恶意用户通过目录遍历序列泄露任意文件的内容。 0 Novell ZENworks Configuration Management 11.2 厂商补丁: Novell ------...