Vulnerabilities > Novell > Zenworks
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-27 | CVE-2007-1119 | Unspecified vulnerability in Novell Zenworks 7 Unspecified vulnerability in Novell ZENworks 7 Desktop Management Support Pack 1 before Hot patch 3 (ZDM7SP1HP3) allows remote attackers to upload images to certain folders that were not configured in the "Only allow uploads to the following directories" setting via unspecified vectors. | 6.4 |
2006-07-07 | CVE-2006-3430 | SQL Injection vulnerability in multiple products SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter. | 7.5 |
2006-07-07 | CVE-2006-3426 | Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. | 5.0 |
2006-07-07 | CVE-2006-3425 | Authentication Bypass vulnerability in PatchLink Update Server Proxyreg.ASP FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters. | 7.5 |
2005-11-23 | CVE-2005-3786 | Remote Diagnostics Console One Unauthorized Access vulnerability in Novell ZENworks Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One. | 4.6 |
2005-05-25 | CVE-2005-1543 | Remote Pre-Authentication Buffer Overflow vulnerability in Novell ZENworks Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests. | 7.5 |