Lucene search
RgodZDI-13-088HistoryMay 29, 2013 - 12:00 a.m.
Novell ZENworks Mobile Management DUSAP.php Remote Code Execution Vulnerability
2013-05-2900:00:00
rgod
www.zerodayinitiative.com
12
0.364 Low
EPSS
Percentile
97.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Mobile Management . Authentication is not required to exploit this vulnerability. The specific flaw exists within DUSAP.php, which receives a ‘language’ variable which later is used to include arbitrary resources from the local filesystem via require_once(). A remote attacker can abuse this to execute remote code under the context of the process running.
Related
d2
d2
DSquare Exploit Pack: D2SEC_ZMDM
2013-03-29 16:09:00
saint
saint
Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability
2013-07-18 00:00:00
Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability
2013-07-18 00:00:00
Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability
2013-07-18 00:00:00
cvelist
cvelist
CVE-2013-1082
2022-10-03 16:14:48
nvd
nvd
CVE-2013-1082
2013-03-29 16:09:05
cve
cve
CVE-2013-1082
2022-10-03 16:14:48
openvas
openvas
Novell ZENworks Mobile Management Directory Traversal Vulnerability
2013-06-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Novell ZENworks Mobile Management DUSAP.php Code Execution (CVE-2013-1082)
2013-08-25 00:00:00
prion
prion
Directory traversal
2013-03-29 16:09:00