CVE-2015-0781 – Novell Zenworks Rtrlet doPost Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0781
Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors. Una vulnerabilidad de salto de directorio en el método doPost de la clase Rtrlet en ZENworks Configuration Management (ZCM) de Novell permite que atacantes remotos suban y ejecuten archivos arbitrarios mediante vectores sin especificar. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks. By default, authentication is not required to exploit this vulnerability. The specific flaw exists within the doPost method of the Rtrlet class. The issue lies in the failure to sanitize the path of files uploaded, allowing files to be placed anywhere on the server. • http://www.securityfocus.com/bid/74291 http://www.zerodayinitiative.com/advisories/ZDI-15-151 https://www.novell.com/support/kb/doc.php?id=7016431 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2015-0782 – Novell Zenworks schedule.ScheduleQuery SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0782
SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección SQL en el método ScheduleQuery de la clase schedule en ZENworks Configuration Management (ZCM) de Novell permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante vectores sin especificar. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ScheduleQuery method of the schedule class. The issue lies in the failure to sanitize user-supplied input prior to executing a SQL statement. • http://www.securityfocus.com/bid/72808 http://www.zerodayinitiative.com/advisories/ZDI-15-148 https://www.novell.com/support/kb/doc.php?id=7016431 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2015-0783 – Novell Zenworks FileViewer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-0783
The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable. La clase FileViewer en ZENworks Configuration Management (ZCM) de Novell permite que usuarios remotos autenticados lean archivos arbitrarios mediante la variable filename. This vulnerability allows attackers to obtain sensitive information on vulnerable installations of Novell Zenworks. User interaction is not required to exploit this vulnerability. The specific flaw exists within the FileViewer class. The issue lies in the failure to sanitize the "filename" variable. • http://www.securitytracker.com/id/1032166 http://www.zerodayinitiative.com/advisories/ZDI-15-150 https://www.novell.com/support/kb/doc.php?id=7016431 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-0784 – Novell Zenworks Rtrlet.class Session ID Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-0784
Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable. La clase Rtrlet.class enZENworks Configuration Management (ZCM) de Novell permite que atacantes remotos obtengan los identificadores de sesión de usuarios que han iniciado sesión mediante un valor ShowLogins para la variable maintenance. This vulnerability allows attackers to disclose Session ID's of logged in users on vulnerable installations of Novell Zenworks. User interaction is not required to exploit this vulnerability. The specific flaw exists within Rtrlet.class. By sending a POST request with the maintenance variable set to "ShowLogins" the applet returns information about the logged in users. • http://www.securityfocus.com/bid/74289 http://www.securitytracker.com/id/1032166 http://www.zerodayinitiative.com/advisories/ZDI-15-149 https://www.novell.com/support/kb/doc.php?id=7016431 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-0785 – Novell Zenworks com.novell.zenworks.inventory.rtr.actionclasses.wcreports Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-0785
com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable. com.novell.zenworks.inventory.rtr.actionclasses.wcreports en ZENworks Configuration Management (ZCM) de Novell permite que usuarios remotos autenticados lean carpetas arbitrarias mediante la variable dirname. This vulnerability allows attackers to obtain sensitive information on vulnerable installations of Novell Zenworks. User interaction is not required to exploit this vulnerability. The specific flaw exists within com.novell.zenworks.inventory.rtr.actionclasses.wcreports. The issue lies in the failure to sanitize the path of the "dirname" variable. The attacker can leverage this to disclose the contents of folders on the system. • http://www.securityfocus.com/bid/74288 http://www.zerodayinitiative.com/advisories/ZDI-15-152 https://www.novell.com/support/kb/doc.php?id=7016431 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •