Directory Traversal Vulnerability in PatchLink Update Server and Novell ZENworks
CVE-2006-3426

Currently unrated

Key Information:

Vendor
Novell
Status
Zenworks
Patchlink Update Server
Vendor
CVE Published:
7 July 2006

Summary

A directory traversal vulnerability exists in PatchLink Update Server and Novell ZENworks, allowing remote attackers to exploit specific parameters used in file upload requests. By manipulating these parameters, attackers can potentially overwrite arbitrary files and directories on vulnerable systems, leading to unauthorized access or data loss.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-J...
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/bid/18732
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/438710/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.