1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Zenworks Cnfg Mgmt RCE

Web Attack: Zenworks Cnfg Mgmt RCE

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit an remote code execution vulnerability in Zenworks Configuration Management

Additional Information

Novell ZENworks Configuration Management is an IT management application.

ZENworks Configuration Management is prone to an unspecified remote code-execution vulnerability affecting the 'Preboot Service' component.

Very few details are currently known. We will update this BID when more information emerges.

An attacker can leverage this issue to execute arbitrary code with SYSTEM-level privileges. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to ZENworks Configuration Management 10.3 are vulnerable.

Affected

  • Novell ZENworks Configuration Management 10.1.2 a
  • Novell ZENworks Configuration Management 10.1.2
  • Novell ZENworks Configuration Management 10.1

Response

Updates are available

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube