This module exploits a path traversal vulnerability in Novell ZENworks Asset Management. The specific flaw exists within a servlet provided within the Novell Zenworks distribution for uploading files. When processing the path name for the file, the servlet will allow a user to inject path traversal entities into the filename. Then, when the servlet downloads the provided file, the destination will store it to the user-provided location.
This module exploits a path traversal vulnerability in Novell ZENworks Asset Management. The flaw exists within the rtrlet component. This process listens on TCP port 8080. When handling an unauthenticated file upload the process does not properly sanitize the path. Directory traversal can be used to drop a file in an arbitrary location and a null byte inserted into the filename to provide arbitrary extension.
This module exploits a remote stack-based buffer overflow in Novell iManager by creating a class with an overly long name. In order to exploit this vulnerability, you must be able to login to any Novell eDirectory server via the target iManager application. This exploit will bypass DEP on Windows 2003 platforms by disabling it in the context of the current process.
This module exploits a Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter. This allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/3037.
Subscribe to Remote