-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.1122
             Potential Security Vulnerabilities with ZEN Works
                               23 April 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Novell ZENworks Configuration Management
Publisher:         Novell
Operating System:  Windows
                   Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-0786 CVE-2015-0785 CVE-2015-0784
                   CVE-2015-0783 CVE-2015-0782 CVE-2015-0781
                   CVE-2015-0780  

Original Bulletin: 
   https://www.novell.com/support/kb/doc.php?id=7016431

- --------------------------BEGIN INCLUDED TEXT--------------------

Potential Security Vulnerabilities with ZEN Works

    Document ID: 7016431

    Creation Date: 16-APR-15

    Modified Date: 17-APR-15

    Novell ZENworks Configuration Management

This document (7016431) is provided subject to the disclaimer at the end of 
this document.

Environment

Novell ZENworks Configuration Management

Situation

The Zero Day Initiative (ZDI) reported a number of potential vulnerabilities 
in the ZENworks product. They include a stack buffer overflow in the Preboot 
Policy Service, SQL injection, directory traversal, information disclosure 
and session ID disclosure; ZDI rates the buffer overflow, both SQL injection 
issues and the directory traversal as remote code execution.

The vulnerabilities reported are as follows:

ZDI-CAN-2491: ZENworks Preboot Policy Service Stack Buffer Overflow Remote 
Code Execution Vulnerability CVE-2015-0786

ZDI-CAN-2575: Novell Zenworks GetStoredResult.class SQL Injection Remote Code
Execution Vulnerability CVE-2015-0780

ZDI-CAN-2576: Novell Zenworks schedule.ScheduleQuery SQL Injection Remote Code
Execution Vulnerability CVE-2015-0782

ZDI-CAN-2577: Novell Zenworks FileViewer Information Disclosure Vulnerability
CVE-2015-0783

ZDI-CAN-2578: Novell Zenworks 
com.novell.zenworks.inventory.rtr.actionclasses.wcreports Information 
Disclosure Vulnerability CVE-2015-0785

ZDI-CAN-2579: Novell Zenworks Rtrlet.class Session ID Disclosure Vulnerability
CVE-2015-0784

ZDI-CAN-2600: Novell Zenworks Rtrlet doPost Directory Traversal Remote Code 
Execution Vulnerability CVE-2015-0781
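As an added illustration (not code from the ZENworks product, from Novell or from ZDI), the following Java shows the generic pattern behind a directory traversal in a servlet doPost handler that writes a caller-named file under a base directory, beside the containment check that closes it. The class name, the base directory and the sample file names are constructed for this example.

```java
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.List;

/**
 * Added illustration, not ZENworks code: a servlet-style "save a file under a
 * base directory" step in its traversal-prone form and its hardened form.
 * The base directory and file names below are constructed.
 */
public class PathContainment {

    /** Traversal-prone pattern: joins the caller-supplied name onto the base directory. */
    static Path resolveUnsafe(Path baseDir, String suppliedName) {
        // Nothing stops "../../webapps/ROOT/x.jsp" from climbing out of baseDir.
        return baseDir.resolve(suppliedName);
    }

    /** Hardened pattern: normalize both sides, then require containment. */
    static Path resolveSafe(Path baseDir, String suppliedName) throws IOException {
        Path base = baseDir.toAbsolutePath().normalize();
        // resolve() of an absolute suppliedName yields that absolute path, which
        // normalize() + startsWith() then rejects along with "../" chains.
        Path candidate = base.resolve(suppliedName).normalize();
        // Path.startsWith compares whole name elements, so "/srv/zen/uploads-evil"
        // is not mistaken for a child of "/srv/zen/uploads" (a String prefix check would be).
        if (!candidate.startsWith(base)) {
            throw new IOException("rejected: '" + suppliedName + "' escapes " + base);
        }
        return candidate;
    }

    public static void main(String[] args) {
        Path base = Paths.get("/srv/zen/uploads");           // constructed base directory
        List<String> inputs = Arrays.asList(
            "report.txt",                                   // legitimate
            "sub/dir/report.txt",                           // legitimate, nested
            "../../webapps/ROOT/shell.jsp",                 // classic traversal into the web root
            "/etc/passwd",                                  // absolute path supplied by the caller
            "../uploads/../uploads/ok.txt");                // climbs out and back in: still contained
        for (String name : inputs) {
            System.out.println("input:    " + name);
            System.out.println("  unsafe -> " + resolveUnsafe(base, name).normalize());
            try {
                System.out.println("  safe   -> " + resolveSafe(base, name));
            } catch (IOException e) {
                System.out.println("  safe   -> " + e.getMessage());
            }
        }
    }
}
```

Compile and run with `javac PathContainment.java && java PathContainment`. The last input is the reason to check the normalized path rather than to grep the input for `..`: it contains traversal sequences but lands inside the base directory and is legitimately accepted. If the base directory exists on disk and may contain symbolic links, resolve both sides with `toRealPath()` before the `startsWith` check so that a link inside the directory cannot point outside it.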

Resolution

The resolution to these vulnerabilities is to patch ZENworks with the 
following patch:

http://download.novell.com/Download?buildid=BJbybNUmQRQ~

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE 
customers and parties interested in our products and solutions to acquire 
information, ideas and learn from one another. Materials are provided for 
informational, personal or non-commercial use within your organization and are
presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----