Vulnerabilities > CVE-2006-6299 - Remote Integer Overflow vulnerability in Novell Zenworks Asset Management 7
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Gain a shell remotely |
NASL id | NOVELL_ZENWORKS_ASSET_HEAP.NASL |
description | The remote host is running Novell ZENworks Asset (or Inventory) Management, a remote desktop and network management software. The remote version of this software has multiple heap overflow vulnerabilities that may be exploited by an attacker to execute arbitrary code on the remote host with SYSTEM privileges. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 23787 |
published | 2006-12-11 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/23787 |
title | Novell ZENworks Asset Management Collection Client Remote Overflow |
code |
|
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=447
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=448
- http://secunia.com/advisories/23157
- http://securitytracker.com/id?1017326
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm
- http://www.securityfocus.com/bid/21395
- http://www.securityfocus.com/bid/21400
- http://www.vupen.com/english/advisories/2006/4829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30665