You are here

T-562: Novell ZENworks Configuration Management novell-tftp.exe Buffer Overflow

February 22, 2011 - 7:00am

Addthis

PROBLEM:

Novell ZENworks Buffer Overflow in TFTPD.

PLATFORM:

Novell ZENworks Configuration Management 10.x, Novell ZENworks Configuration Management 11.x

ABSTRACT:

A vulnerability has been reported in Novell ZENworks Configuration Management, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in novell-tftp.exe when parsing requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted request sent to UDP port 69. The vulnerability is reported in versions 10.3.1, 10.3.2, and 11.0.

reference  LINKS:

Security Tracker Reference - CVE-2010-4323
MITRE Reference - CVE-2010-4323
Secunia Advisory SA43379 - Reference - CVE-2010-4323 

IMPACT ASSESSMENT:

Medium

Discussion:

Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.

Solution:

Link to the following patch sets: ZCM 11, ZCM 10.3.2, ZCM 10.3.1, and ZCM 10.
For ZCM 11: A fix for this issue is intended to be included in a future update to the product: however, in the interim, Novell has made a Patch available: it can be obtained at http://download.novell.com/Download?buildid=KN7WZylayYc~ as "ZCM 11.0 TFTP vulnerability - see TID 7007896 ". For ZCM 10.3.2: A fix for this issue is intended to be included in a future update to the product: however, in the interim, Novell has made a Patch available: it can be obtained at http://download.novell.com/Download?buildid=EXTzSp-HKZ8~ as "ZCM 10.3.2 TFTP vulnerability - see TID 7007896" For ZCM 10.3.1: A fix for this issue is intended to be included in a future update to the product: however, in the interim, Novell has made a Patch available: it can be obtained at http://download.novell.com/Download?buildid=YO_dVg28uzY~ as "ZCM 10.3.1 TFTP vulnerability - see TID 7007896" For earlier versions of ZCM 10: It will be necessary to upgrade to one of the above versions, and apply the appropriate patch.

Addthis