CVE-2012-2215
Published 2012-04-09
Priority: P3 (48), medium, 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 28.26% (97.9th percentile)
Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | zenworks_configuration_management | — | — |
| novell | zenworks_configuration_management | — | — |
No detection rules found.
Metasploit
Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow
This module exploits a remote buffer overflow in ZENworks Configuration Management 10 SP2. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x21 (PROXY_CMD_FTP_FILE) to port 998/TCP. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and Windows Server 2003 SP2 (DEP bypass).
Metasploit
Novell ZENworks Configuration Management Preboot Service Remote File Access
This module exploits a directory traversal in ZENworks Configuration Management. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted PROXY_CMD_FTP_FILE (opcode 0x21) packet to port 998/TCP. This module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and SP3 over Windows.
No writeups or analysis indexed.
http://download.novell.com/Download?buildid=rs4B5jhWKf8~
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5127930.html
http://www.novell.com/support/viewContent.do?externalId=7010044
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=975
https://exchange.xforce.ibmcloud.com/vulnerabilities/74189