CVE-2005-3315

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Patch Management Server
Vendor: CVE Published:; 30 October 2005

Summary

Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.

References

http://support.novell.com/cgi-bin/search/searchtid.cgi?10...

x_refsource_CONFIRM

http://securityreason.com/securityalert/124

third-party-advisoryx_refsource_SREASON

http://securitytracker.com/id?1015116

vdb-entryx_refsource_SECTRACK

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 30, 2005
Vulnerability Reserved
Oct 26, 2005

Collectors

NVD DatabaseMitre Database