CVE-2013-3706

MEDIUM(5.0)

AV:N/AC:L/Au:N/C:P/I:N/A:N

Risk Signal Score28/100 — MITTEL

CVSS 5 — Mittel
EPSS 50%

EPSS-Score

50%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

Technische Schwere

Beschreibung

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

Referenzen

http://www.novell.com/support/kb/doc.php?id=7014663
http://www.securityfocus.com/bid/65912
http://www.novell.com/support/kb/doc.php?id=7014663
http://www.securityfocus.com/bid/65912