CVE-2010-4323
published 2011-02-19


Priority: P353 · Severity: high · CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Tag: EXPLOIT
EPSS: 8.08% (94.1th percentile)
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.

Affected

3 ranges
| Vendor | Product | Version range | Fixed in |
|--------|---------|---------------|----------|
| novell | zenworks_configuration_manager | <= 11.0 | |
| novell | zenworks_configuration_manager | | |
| novell | zenworks_configuration_manager | | |

Detection & IOCs (extracted from sources)

filename: novell-tftp.exe
port: 69/udp
bytes: \x00\x01 followed by 500+ \x41 bytes, then \x42\x42\x42\x42\x43\x43\x43\x43\x00\x00
  • Detect oversized TFTP RRQ (opcode 0x0001) packets on UDP/69 — the exploit sends a TFTP read-request (\x00\x01) followed by hundreds of 0x41 bytes, far exceeding any legitimate filename length, triggering the heap overflow in novell-tftp.exe.
  • Monitor the novell-tftp.exe process for unexpected child process spawning or crashes, which may indicate successful or attempted heap-based buffer overflow exploitation.
  • The PoC hardcodes a specific target IP (192.168.100.24) and uses UDP/69; real-world attacks will vary the destination IP but the protocol and port remain fixed. Detection rules should focus on payload content rather than destination address.
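
One way to implement the payload-content check from the detection notes above, as an added example (not part of the CVE entry or of any vendor tooling): it parses a UDP/69 payload using the RFC 1350 request layout and flags the RRQ anomalies described. The 255-byte limit, the repeated-byte heuristic, the finding names and the sample payloads are assumptions constructed for illustration.

```python
import struct
from collections import Counter

# RFC 1350 request layout: 2-byte opcode | filename | 0x00 | mode | 0x00
OP_RRQ = 1
VALID_MODES = {b"netascii", b"octet", b"mail"}
MAX_FILENAME = 255  # assumed threshold; tune to the longest path your TFTP clients request


def inspect_tftp_request(payload: bytes, max_filename: int = MAX_FILENAME) -> list:
    """Return findings for one UDP/69 payload; an empty list means nothing was flagged."""
    if len(payload) < 2:
        return []
    (opcode,) = struct.unpack("!H", payload[:2])
    if opcode != OP_RRQ:
        return []  # only read requests are inspected here
    findings = []
    filename, sep, rest = payload[2:].partition(b"\x00")
    if not sep:
        findings.append("rrq-filename-not-terminated")
    if len(filename) > max_filename:
        findings.append(f"rrq-filename-too-long:{len(filename)}")
    # Heuristic (assumption): one byte value filling >90% of a long filename
    # is padding, not a path.
    if len(filename) >= 64:
        top = Counter(filename).most_common(1)[0][1]
        if top / len(filename) > 0.9:
            findings.append("rrq-filename-repeated-byte")
    # The mode string follows the filename; RFC 2347 options may follow the mode.
    mode = rest.partition(b"\x00")[0].lower()
    if sep and mode not in VALID_MODES:
        findings.append("rrq-invalid-mode")
    return findings


# Constructed sample payloads (not captured traffic).
BENIGN_RRQ = b"\x00\x01pxelinux.0\x00octet\x00"
# Built from the byte pattern listed in the IOC section above.
OVERSIZED_RRQ = b"\x00\x01" + b"\x41" * 500 + b"\x42" * 4 + b"\x43" * 4 + b"\x00\x00"
DATA_PACKET = b"\x00\x03\x00\x01" + b"\x41" * 512  # opcode 3, ignored by this check

if __name__ == "__main__":
    for name, pkt in [("benign", BENIGN_RRQ), ("oversized", OVERSIZED_RRQ),
                      ("data", DATA_PACKET)]:
        print(name, inspect_tftp_request(pkt))
```

The function takes only the UDP payload, so it can sit behind any capture source that filters on destination port 69 and does not depend on the destination address.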