Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-3706

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-3706
Last Modified 07 Mar 2014 02:41:56
Published 06 Mar 2014 06:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-3706

Summary

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

Vulnerable Systems

Application

  • Novell Zenworks Configuration Management 11.2


References

CONFIRM - http://www.novell.com/support/kb/doc.php?id=7014663


Last Updated: 27 May 2016 10:53:57