Directory Traversal Vulnerability in PatchLink Update Server and Novell ZENworks
CVE-2006-3426

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks; Patchlink Update Server
Vendor: CVE Published:; 7 July 2006

What is CVE-2006-3426?

A directory traversal vulnerability exists in PatchLink Update Server and Novell ZENworks, allowing remote attackers to exploit specific parameters used in file upload requests. By manipulating these parameters, attackers can potentially overwrite arbitrary files and directories on vulnerable systems, leading to unauthorized access or data loss.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-J...

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/bid/18732

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/438710/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 7, 2006
Vulnerability Reserved
Jul 6, 2006