Computer Security
[EN] no-pyccku

Novell ZenWorks Configuration Management code execution
SecurityVulns ID:14486
Threat Level:
Description:Code execution via web interface.
Affected:NOVELL : ZENworks Configuration Management 11.3
CVE:CVE-2015-0779 (Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.)
Original documentdocumentPedro Ribeiro, [CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution (12.05.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod