Novell ZENworks Configuration Management Arbitrary File Upload Vulnerability


Description   Pedro Ribeiro has reported a vulnerability in Novell ZENworks Configuration Management, which can be exploited to compromise a vulnerable system.
The vulnerability is caused due to an error within the UploadServlet servlet and can be exploited to upload arbitrary files via directory traversal sequences and subsequently execute arbitrary code.
The vulnerability is reported in versions prior to 11.3.2.
     
Vulnerable Products   Vulnerable Software:
Novell ZENworks Configuration Management 11.x
     
Solution   Update to version 11.3.2.
     
CVE   CVE-2015-0779
     
References   Novell:
http://www.novell.com/support/kb/doc.php?id=7016419
Pedro Ribeiro:
https://github.com/pedrib/PoC/blob/master/generic/zenworks_zcm_rce.txt
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Misc : Directory traversal - parameter starting with ../
3.2.0
Directory traversal using ..\..
3.2.0
Directory traversal
3.2.0
Directory traversal backward root folder
3.2.0
     


 
 
 
 
 Risk level 
Moderate 

 Vulnerability First Public Report Date 
2015-04-15 

 Target Type 
Server 

 Possible exploit 
Remote