Update Protection against Novell ZENworks Configuration Management TFTPD Heap Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2011-071 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA43379 | |
| Industry Reference(s): | CVE-2010-4323 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Novell ZENworks Configuration Management 10.x Novell ZENworks Configuration Management 11.x | ||
| Vulnerability Description A remote code execution vulnerability has been reported in Novell ZENworks Configuration Management. Novell ZENworks Configuration Management is an IT desktop computer management suite that is based on a client/server architecture. A management server collects and sends data of managed assets by communicating with client applications installed on computers, or via other management protocols. An attacker may exploit this issue to execute arbitrary code on a vulnerable system. |
||
|
Update/Patch Available The vendor, Novell, has released an advisory addressing this vulnerability. |
|
|
Vulnerability Details The vulnerability is due to a boundary error in the TFTPD service while parsing crafted client requests. A remote attacker could exploit this issue by sending a crafted packet to the affected server. Successful exploitation of this vulnerability will allow an attacker to execute arbitrary code on the vulnerable system. |
Protection Overview
This protection will detect and block crafted packets sent to the vulnerable server.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection taband select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.