Intrusion Prevention

Novell.ZENworks.Configuration.Management.Directory.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal vulnerability in Novell ZENworks Configuration Management.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious packet. A remote attacker may be able to exploit this to upload a malicious file in the affected machine and execute arbitrary code within the context of the process user.

Affected Products

Novell ZENworks Configuration Management prior to 11.3.2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
https://www.novell.com/support/kb/doc.php?id=7015776

CVE References

CVE-2015-0779