SecurityTracker.com
Category:   Application (Generic)  >   ZENworks Remote Control
Vendors:   Novell
(Vendor Issues Fix) Novell ZENworks Remote Management Buffer Overflows in Authentication Protocol Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1014065
SecurityTracker URL:  http://securitytracker.com/id/1014065
CVE Reference:   CVE-2005-1543
Date:  May 27 2005
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 3.x, 4.x, 6.5
Description:   A vulnerability was reported in Novell ZENworks Remote Management. A remote user can execute arbitrary code on the target system.

The authentication protocol implementation contains several stack and heap overflows. A remote user can send specially crafted packets to trigger an overflow and potentially execute arbitrary code on the target system.

Several integer values are not properly validated and can overflow. The user-supplied password length in type 1 authentication requests is not properly validated before the user-supplied password is copied into a fixed-length buffer. The lengths of various parameters in type 2 authentication requests are not properly validated.

The flaws reside in 'zenrem32.exe'.
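
The length validation a type 1 request handler needs before the copy, as an added example that is not taken from the advisory or from Novell's code. The page does not give the wire format, so the three-byte header layout, the 64-byte buffer size and every name below are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PW_BUF_SIZE 64  /* fixed-length destination; size is an assumption */
#define HDR_SIZE    3   /* hypothetical header: type (1 byte) + big-endian length (2 bytes) */

enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_BAD_TYPE = -2,
       PARSE_LEN_EXCEEDS_PACKET = -3, PARSE_LEN_EXCEEDS_BUFFER = -4 };

/* Unchecked pattern of the kind described above, shown only as a comment:
 *     memcpy(pw, pkt + HDR_SIZE, declared_len);   declared_len comes from the sender
 */

/* Copies the password only after the declared length has been checked against
 * the bytes actually received and against the destination capacity. */
int parse_type1_auth(const uint8_t *pkt, size_t pkt_len, char pw[PW_BUF_SIZE])
{
    if (pkt == NULL || pw == NULL || pkt_len < HDR_SIZE)
        return PARSE_TRUNCATED;
    if (pkt[0] != 1)
        return PARSE_BAD_TYPE;
    size_t declared_len = ((size_t)pkt[1] << 8) | pkt[2];
    /* Subtract from the trusted size rather than adding to the untrusted
     * value, so the comparison cannot wrap around. */
    if (declared_len > pkt_len - HDR_SIZE)
        return PARSE_LEN_EXCEEDS_PACKET;
    if (declared_len > PW_BUF_SIZE - 1)   /* keep one byte for the NUL */
        return PARSE_LEN_EXCEEDS_BUFFER;
    memcpy(pw, pkt + HDR_SIZE, declared_len);
    pw[declared_len] = '\0';
    return PARSE_OK;
}

/* Constructed sample requests (not captured traffic). */
static const uint8_t sample_ok[] = { 1, 0x00, 0x04, 's', 'e', 'c', 'r' };
static const uint8_t sample_short[] = { 1, 0xFF, 0xFF, 'A' };          /* claims 65535, carries 1 */
static const uint8_t sample_big[HDR_SIZE + 100] = { 1, 0x00, 0x64 };   /* 100 bytes > buffer */
static char sample_out[PW_BUF_SIZE];

int main(void)
{
    printf("ok=%d short=%d big=%d\n",
           parse_type1_auth(sample_ok, sizeof sample_ok, sample_out),
           parse_type1_auth(sample_short, sizeof sample_short, sample_out),
           parse_type1_auth(sample_big, sizeof sample_big, sample_out));
    return 0;
}
```

Both checks are needed: the first rejects a length field that claims more data than the packet carries, the second rejects a well-formed packet whose password is simply larger than the destination.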

The original advisory is available at:

http://www.rem0te.com/public/images/zen.pdf

Alex Wheeler discovered this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (ZENworks 6.5 Desktop Mgmt SP1 RM patch), available at:

http://support.novell.com/servlet/filedownload/sec/ftf/zdm65sp1rm.exe

Instructions are provided in the vendor's advisory at:

http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971500.htm

Vendor URL:  support.novell.com/cgi-bin/search/searchtid.cgi?/2971500.htm
Cause:   Boundary error, Input validation error

Message History:   This archive entry is a follow-up to the message listed below.
May 19 2005 Novell ZENworks Remote Management Buffer Overflows in Authentication Protocol Let Remote Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]
