VID | 21947
Severity | 30
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
The PatchLink Update Server (PLUS) is affected by a directory traversal vulnerability in the nwupload.asp script. PatchLink Update Server (PLUS) and ZENworks Patch Management are patch and vulnerability management products for medium and large enterprise networks. PatchLink Update Server (PLUS) versions prior to 6.1 P1 or prior to 6.2 SR1 P1 and ZENworks Patch Management versions prior to 6.2 SR1 could allow a remote attacker to traverse directories because user-supplied input passed to the 'action', 'agentid', and 'index' parameters of the '/dagent/nwupload.asp' script is improperly filtered. A remote attacker could exploit this vulnerability to remove directories required by the application and write arbitrary content to files on the affected host.
* References:
  - http://www.frsirt.com/english/advisories/2006/2596
  - http://www.frsirt.com/english/advisories/2006/2595
  - http://secunia.com/advisories/20878
  - http://secunia.com/advisories/20876
  - http://www.securityfocus.com/archive/1/438710/30/0/threaded
  - http://support.novell.com/cgi-bin/search/searchtid.cgi?10100709.htm
* Platforms Affected:
  - PatchLink, PatchLink Update versions prior to 6.1 P1
  - PatchLink, PatchLink Update versions prior to 6.2 SR1 P1
  - Novell, ZENworks Patch Management versions prior to 6.2 SR1
  - Microsoft Windows Any version |
Recommendation |
If using PatchLink Update Server, upgrade to the latest version (6.1 P1 or 6.2 SR1 P1 or later), available from the PatchLink Web site at http://patchlink.custhelp.com/cgi-bin/patchlink.cfg/php/enduser/std_adp.php?p_faqid=303
-- OR --
If using Novell ZENworks Patch Management, upgrade to the latest version (6.2 SR1 P1 or later), available from the ZENworks Patch Management Download Web site at http://www.patchlink.com/downloads/support/helpdesk/3808/NOVELL/HotfixInstaller.msi |
Related URL | CVE-2006-3426 (CVE)
Related URL | 18732 (SecurityFocus)
Related URL | (ISS)
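For servers that cannot be upgraded immediately, web server logs can be reviewed for requests to the affected script whose 'action', 'agentid' or 'index' values carry path components. The following is an added example, not part of the original entry or of any vendor tooling; the log field order, the sample lines and the rule that legitimate values never contain dot-dot sequences or path separators are assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote

SCRIPT = "/dagent/nwupload.asp"            # script named in the entry
PARAMS = {"action", "agentid", "index"}    # parameters named in the entry
# Assumption: legitimate values never contain dot-dot or path separators.
SUSPICIOUS = re.compile(r"\.\.|[/\\]")

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %252e%252e -> ..)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_nwupload_requests(log_lines):
    """Return (line_no, client_ip, param, decoded_value) for suspect requests.

    Assumed field order (a constructed W3C-style layout):
    date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
    """
    hits = []
    for line_no, line in enumerate(log_lines, start=1):
        if line.startswith("#"):
            continue                        # skip log header directives
        fields = line.split()
        if len(fields) < 7:
            continue                        # malformed or truncated entry
        client_ip, stem, query = fields[2], fields[4], fields[5]
        if stem.lower() != SCRIPT:
            continue                        # IIS paths are case-insensitive
        for name, value in parse_qsl(query, keep_blank_values=True):
            decoded = fully_decode(value)   # parse_qsl already decoded once
            if name.lower() in PARAMS and SUSPICIOUS.search(decoded):
                hits.append((line_no, client_ip, name.lower(), decoded))
    return hits

# Constructed sample log lines, not taken from a real server.
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2006-07-01 10:00:01 192.0.2.10 POST /dagent/nwupload.asp action=a1&agentid=A1B2C3&index=4 200",
    "2006-07-01 10:00:07 198.51.100.7 POST /dagent/nwupload.asp action=a1&agentid=..%5C..%5Ctemp&index=1 200",
    "2006-07-01 10:00:09 198.51.100.7 POST /DAgent/nwupload.asp action=a1&agentid=A1&index=%252e%252e%252fx 200",
    "2006-07-01 10:00:12 192.0.2.11 GET /default.asp - 200",
]
```

Calling `flag_nwupload_requests(SAMPLE_LOG)` returns the two requests from 198.51.100.7, including the double-encoded one. Any hit against an unpatched server warrants checking the application directories for missing or unexpected files.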