|
Description
|
|
Two vulnerabilities have been reported in ZENworks Configuration Management, which can be exploited by malicious people to conduct session fixation attacks and disclose certain sensitive data.
1) Input passed via the "Filename" GET parameter to /zenworks-unmaninv/ is not properly verified in the "GetFle()" function within the umaninv service before being used to read files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
2) An error in the handling of sessions can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link.
The vulnerabilities are reported in versions prior to 11.2.4.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable Software:
Novell ZENworks Configuration Management 11.x
|
|
|
|
|
|
Solution
|
|
Update to version 11.2.4.
|
|
|
|
|
|
CVE
|
|
CVE-2013-1084
|
|
|
|
|
|
References
|
|
Novell:
http://www.novell.com/support/kb/doc.php?id=7012027
http://www.novell.com/support/kb/doc.php?id=7012760
http://www.novell.com/support/kb/doc.php?id=7012808
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-13-258/
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
