ZENworks Asset Management rtrlet Component Arbitrary File Upload Vulnerability


Description   A vulnerability has been reported in ZENworks Asset Management, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by an error in the handling of path names when uploading files via the rtrlet component. This can be exploited to upload malicious files to an arbitrary location via directory traversal sequences and URL-encoded NULL bytes in the file name.
The vulnerability is reported in version 7.5 interim release IR 25. Other versions may also be affected.

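The description above names two ingredients of the bug class: traversal sequences in the file name and URL-encoded NULL bytes that get past a string check but terminate the path later. The following validator is an added example written for this advisory, not code from Novell or from the rtrlet component (which is not shown on the page). It percent-decodes once before checking, rejects NUL bytes, rejects any path separator or dot segment so only a bare file name survives, and confirms the resolved path still lies under the upload directory. The upload root `/var/app/uploads` and all sample file names are constructed for the example.

```python
import posixpath
from urllib.parse import unquote

# Assumed destination directory (hypothetical; not from the advisory).
UPLOAD_ROOT = "/var/app/uploads"


class UnsafeFilename(ValueError):
    """Raised when an uploaded file name must not be used to build a path."""


def safe_upload_path(filename: str, root: str = UPLOAD_ROOT) -> str:
    """Return the absolute path under `root` where `filename` may be stored.

    Raises UnsafeFilename if the name, after percent-decoding, contains a
    NUL byte, a path separator ("/" or "\\"), a dot segment, or would
    resolve outside `root`.
    """
    # Decode before checking: a handler that checks the raw string and
    # decodes afterwards lets an encoded "%00" or "%2F" slip through.
    decoded = unquote(filename)

    if "\x00" in decoded:
        raise UnsafeFilename("NUL byte in file name")

    # Treat backslashes like forward slashes so "..\\.." is caught as well.
    normalised = decoded.replace("\\", "/")

    if not normalised or normalised != normalised.strip():
        raise UnsafeFilename("empty or padded file name")

    # Only a bare file name is accepted; callers never get to choose a
    # subdirectory, which removes the traversal surface entirely.
    if "/" in normalised:
        raise UnsafeFilename("path separator in file name")
    if normalised in (".", ".."):
        raise UnsafeFilename("dot segment used as file name")

    candidate = posixpath.normpath(posixpath.join(root, normalised))

    # Defence in depth: even after the checks above, verify the final
    # path is still inside the upload root before returning it.
    if posixpath.commonpath([root, candidate]) != root:
        raise UnsafeFilename("resolved path escapes upload root")
    return candidate


def is_safe_filename(filename: str) -> bool:
    """Convenience wrapper: True if safe_upload_path accepts the name."""
    try:
        safe_upload_path(filename)
    except UnsafeFilename:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample names, mirroring the two patterns in the advisory.
    samples = [
        "report.pdf",                 # ordinary name: accepted
        "report%20q1.pdf",            # harmless encoding: accepted
        "../../etc/passwd",           # traversal: rejected
        "..%2F..%2Fetc%2Fpasswd",     # encoded traversal: rejected
        "..\\..\\web.config",         # backslash traversal: rejected
        "notes.txt%00.png",           # encoded NULL byte: rejected
        "/etc/passwd",                # absolute path: rejected
    ]
    for name in samples:
        verdict = "accept" if is_safe_filename(name) else "reject"
        print(f"{verdict:7} {name!r}")
```

The decisive design choice is refusing any separator rather than trying to strip `../` sequences: stripping can be defeated by nesting or re-encoding, whereas a whitelist of "one plain component" has nothing left to bypass. The final `commonpath` check costs nothing and catches a future edit that relaxes the earlier rules.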
Vulnerable Products   Vulnerable Software:
Novell ZENworks Asset Management 7.x

Solution   Apply the SECURITY_Vulnerability_ZAM_7.5 patch: http://download.novell.com/Download?buildid=hPvHtXeNmCU~

CVE   CVE-2011-2653

References   Novell:
http://download.novell.com/Download?buildid=hPvHtXeNmCU~
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-11-342/

Vulnerability Manager Detection   No

IPS Protection
ASQ Engine alarm                                             Available Since
Misc : Directory traversal - parameter starting with ../     3.2.0
Directory traversal using ..\..                              3.2.0
Directory traversal                                          3.2.0
Directory traversal backward root folder                     3.2.0
Escaped NULL char in URL                                     3.2.0

Risk level   Moderate

Vulnerability First Public Report Date   2011-12-08

Target Type   Server

Possible exploit   Local