Vulnerabilities > CVE-2005-3786 - Remote Diagnostics Console One Unauthorized Access vulnerability in Novell ZENworks

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

novell

NVD

Published: 2005-11-23

Updated: 2011-03-08

Summary

Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One.

Vulnerable Configurations

Part	Description	Count
Application	Novell Novell Zenworks 6.5 Novell Zenworks Desktops 4.0.1 Novell Zenworks Servers 3.0.2	3

References

http://secunia.com/advisories/17700
http://securitytracker.com/id?1015260
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098818.htm
http://www.securityfocus.com/bid/15540
http://www.vupen.com/english/advisories/2005/2544