CVE-2010-4323 – Novell ZenWorks TFTPD Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-4323

Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request. Desbordamiento de búfer basado en memoria dinámica en novell-tftp.exe en Novell ZENworks Configuration Manager (ZCM) v10.3.1, v10.3.2, y v11.0 y versiones anteriores, permite a atacantes remotos ejecutar código arbitrario a través de una consulta TFTP demasiado larga. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks Configuration Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the novell-tftp.exe component which listens by default on UDP port 69. When handling a request the process blindly copies user supplied data into a fixed-length buffer on the heap. • https://www.exploit-db.com/exploits/16191 http://secunia.com/advisories/43379 http://securityreason.com/securityalert/8092 http://securityreason.com/securityalert/8094 http://www.novell.com/support/viewContent.do?externalId=7007896 http://www.securityfocus.com/archive/1/516524/100/0/threaded http://www.securityfocus.com/bid/46434 http://www.securitytracker.com/id?1025092 http://www.vupen.com/english/advisories/2011/0425 http://www.zerodayinitiative.com/advisories/ZDI-11-089 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •