| VID |
23176 |
| Severity |
40 |
| Port |
7461 |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The Novell ZENworks Asset Management is vulnerable to to multiple heap-based buffer overflow vulnerabilities. Novell ZENworks Asset (or Inventory) Management is a remote desktop and network management software. Novell ZENworks 7 Asset Management (ZAM) versions prior to SP1 IR11 are vulnerable to multiple heap-based buffer overflow vulnerabilities in the Collection Client and Task Server. A remote attacker could exploit these vulnerabilities to execute arbitrary code on the affected host with SYSTEM privileges on Windows systems or root privileges on Unix-based systems.
* References:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=447
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=448
* Platforms Affected:
Novell ZENworks Asset Manager versions prior to 7.0sp1ir11
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of ZENworks Asset Management (7.0 SP1 IR11 or later), as listed in Novell Technical Information Document TID2974824 at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm |
| Related URL |
CVE-2006-6299 (CVE) |
| Related URL |
21395,21400 (SecurityFocus) |
| Related URL |
30665 (ISS) |
|
