===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.1122
             Potential Security Vulnerabilities with ZEN Works
                               23 April 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Novell ZENworks Configuration Management
Publisher:         Novell
Operating System:  Windows
                   Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-0786 CVE-2015-0785 CVE-2015-0784 CVE-2015-0783
                   CVE-2015-0782 CVE-2015-0781 CVE-2015-0780

Original Bulletin:
  https://www.novell.com/support/kb/doc.php?id=7016431

--------------------------BEGIN INCLUDED TEXT--------------------

Potential Security Vulnerabilities with ZEN Works

Document ID:    7016431
Creation Date:  16-APR-15
Modified Date:  17-APR-15
Product:        Novell ZENworks Configuration Management

This document (7016431) is provided subject to the disclaimer at the end of
this document.

Environment

Novell ZENworks Configuration Management

Situation

The Zero Day Initiative (ZDI) reported a number of potential vulnerabilities
with the Zenworks product. These vulnerabilities include issues such as SQL
Injection, Directory Traversal, Information Disclosure and Session ID
disclosure.

The vulnerabilities reported are as follows:

ZDI-CAN-2491: ZENworks Preboot Policy Service Stack Buffer Overflow Remote
              Code Execution Vulnerability
              CVE-2015-0786

ZDI-CAN-2575: Novell Zenworks GetStoredResult.class SQL Injection Remote
              Code Execution Vulnerability
              CVE-2015-0780

ZDI-CAN-2576: Novell Zenworks schedule.ScheduleQuery SQL Injection Remote
              Code Execution Vulnerability
              CVE-2015-0782

ZDI-CAN-2577: Novell Zenworks FileViewer Information Disclosure Vulnerability
              CVE-2015-0783

ZDI-CAN-2578: Novell Zenworks
              com.novell.zenworks.inventory.rtr.actionclasses.wcreports
              Information Disclosure Vulnerability
              CVE-2015-0785

ZDI-CAN-2579: Novell Zenworks Rtrlet.class Session ID Disclosure
              Vulnerability
              CVE-2015-0784

ZDI-CAN-2600: Novell Zenworks Rtrlet doPost Directory Traversal Remote Code
              Execution Vulnerability
              CVE-2015-0781

Resolution

The resolution to these vulnerabilities is to patch Zenworks with the
following patch:

  http://download.novell.com/Download?buildid=BJbybNUmQRQ~

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE
customers and parties interested in our products and solutions to acquire
information, ideas and learn from one another. Materials are provided for
informational, personal or non-commercial use within your organization and
are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you
do not know who that is, please send an email to auscert@auscert.org.au and
we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no responsibility
for consequences which may arise from following or acting on information or
advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

  http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================