CERTA-2008-AVI-003

Vulnerability from certfr_avis - Published: 2008-01-07 - Updated: 2008-01-07

Une vulnérabilité a été découverte dans Novell ZENworks Endpoint Security Management et permet, localement, à un individu malveillant une élévation de privilèges.

Description

Cette vulnérabilité est due au moteur STEngine qui exécute une commande issue de certains répertoires ayant des permissions d'accès non sécurisées lors de la génération de rapports de diagnostic. Cette vulnérabilité peut, par exemple, être exploitée en plaçant le fichier cmd.exe dans ces répertoires.

Solution

Se référer au bulletin de sécurité iDefense et à la page de téléchargement Novell pour l'obtention des correctifs (cf. section Documentation).

Novell ZENworks Endpoint Security Management 3.x.

Impacted products
Vendor Product Description
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eNovell ZENworks Endpoint Security Management 3.x.\u003c/P\u003e",
  "content": "## Description\n\nCette vuln\u00e9rabilit\u00e9 est due au moteur STEngine qui ex\u00e9cute une commande\nissue de certains r\u00e9pertoires ayant des permissions d\u0027acc\u00e8s non\ns\u00e9curis\u00e9es lors de la g\u00e9n\u00e9ration de rapports de diagnostic. Cette\nvuln\u00e9rabilit\u00e9 peut, par exemple, \u00eatre exploit\u00e9e en pla\u00e7ant le fichier\ncmd.exe dans ces r\u00e9pertoires.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 iDefense et \u00e0 la page de\nt\u00e9l\u00e9chargement Novell pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5665"
    }
  ],
  "initial_release_date": "2008-01-07T00:00:00",
  "last_revision_date": "2008-01-07T00:00:00",
  "links": [],
  "reference": "CERTA-2008-AVI-003",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-01-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Novell ZENworks Endpoint\nSecurity Management et permet, localement, \u00e0 un individu malveillant une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Novell ZENworks Endpoint Security Management",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Page de t\u00e9l\u00e9chargement de la mise \u00e0 jour Novell",
      "url": "http://download.novell.com/Download?buildid=5Y6xbs-OKLE"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 24 d\u00e9cembre 2007",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=635"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.