Blog

Tuesday 27 April 2010 - Novell ZENworks UploadServlet Remote Code Execution Vulnerability

TippingPoint's Zero Day Initiative (ZDI) have published an advisory for a remote pre authentication arbitrary file upload vulnerability in Novell ZENworks Configuration Management which leads to arbitrary code execution. This vulnerability was discovered by Stephen Fewer of Harmony Security.

You can read the full ZDI advisory here:
http://www.zerodayinitiative.com/advisories/ZDI-10-078/

Labels:

 

0 Comments:

Post a Comment