Blog

Thursday 10 January 2008 - Novell ZENworks Endpoint Security Management Local Privilege Escalation Vulnerability

By Stephen Fewer

iDefense has published an advisory for a vulnerability in the Novell ZENworks Endpoint Security Management (ESM) Security Client which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can trivially run executables with SYSTEM privileges.

You can read the full iDefense advisory here:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=635

Labels:

 

 

Bookmark and Share