CVE-2013-3706

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Configuration Management
Vendor: CVE Published:; 6 March 2014

Summary

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

References

http://www.novell.com/support/kb/doc.php?id=7014663

x_refsource_CONFIRM

http://www.securityfocus.com/bid/65912

vdb-entryx_refsource_BID

EPSS Score

94% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 6, 2014
Vulnerability Reserved
May 30, 2013

Collectors

NVD DatabaseMitre Database