Directory Traversal Vulnerability in Novell ZENworks Configuration Management
CVE-2013-1084

Currently unrated

Key Information:

Vendor

Novell
Status
Zenworks Configuration Management
Vendor
CVE Published:
2 November 2013

What is CVE-2013-1084?

A directory traversal vulnerability exists in the umaninv service of Novell ZENworks Configuration Management, specifically in the GetFle method. This weakness allows remote attackers to exploit the Filename parameter in a GetFile action, manipulating file paths with '../' sequences to access arbitrary files on the server. Organizations utilizing the affected version should prioritize applying available patches to safeguard against unauthorized file access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/support/kb/doc.php?id=7012760
x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7012027
x_refsource_CONFIRM
http://secunia.com/advisories/55450
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.