2 matches found
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management ZAM 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the 1 GetFilePassword and 2 GetConfigInfoPassword operations, which allows remote attackers to obtain sensitive information via a...
CVE-2011-2653
CVE-2011-2653 is a directory traversal vulnerability in Novell ZENworks Asset Management 7.5 (rtrlet/CatchFileServlet) that allows remote attackers to upload an arbitrary executable file and potentially achieve code execution. Multiple connected sources document a path traversal flaw enabling upl...