CVE-2010-4229
Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request.
Vulnerabilidad de salto de directorio en Componente de inventario en ZENworks Asset Management en Novell ZENworks Configuration Management v10.3 anteriores a v10.3.2 y v11, permite a atacantes remotos incluir y ejecutar ficheros locales de su elección al utilizar caracteres .. (punto punto) en el campo nombre de fichero en una petición de subida de ficheros.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Asset Management. Authentication is not required to exploit this vulnerability.
The specific flaw exists within a servlet provided within the Novell Zenworks distribution for uploading files. When processing the path name for the file, the servlet will allow a user to inject path traversal entities into the filename. Then, when the servlet downloads the provided file, the destination will store it to the user-provided location. This can lead to code execution under the context of the service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-11-10 CVE Reserved
- 2011-04-11 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/8207 | Third Party Advisory | |
| http://securitytracker.com/id?1025313 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/517425/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/47295 | Vdb Entry | |
| http://zerodayinitiative.com/advisories/ZDI-11-118 | X_refsource_misc | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/66656 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/44120 | 2018-10-10 | |
| http://www.novell.com/support/viewContent.do?externalId=7007841 | 2018-10-10 | |
| http://www.vupen.com/english/advisories/2011/0917 | 2018-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Zenworks Configuration Management Search vendor "Novell" for product "Zenworks Configuration Management" | 10.3 Search vendor "Novell" for product "Zenworks Configuration Management" and version "10.3" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Zenworks Configuration Management Search vendor "Novell" for product "Zenworks Configuration Management" | 10.3.1 Search vendor "Novell" for product "Zenworks Configuration Management" and version "10.3.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Zenworks Configuration Management Search vendor "Novell" for product "Zenworks Configuration Management" | 11 Search vendor "Novell" for product "Zenworks Configuration Management" and version "11" | - |
Affected
| ||||||