CVE-2011-2657

Novell Zenworks Configuration Management - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/19718

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by rgod, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb

View Code ZIP pw:eip

References (3)

[Patch, Vendor Advisory] http://www.novell.com/support/kb/doc.php?id=7009570

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-11-318/

[Exploit] http://www.exploit-db.com/exploits/19718/

Scores

EPSS 0.6991

EPSS Percentile 98.7%

Details

CWE

CWE-22

Status published

Products (3)

novell/zenworks_configuration_management 10.2

novell/zenworks_configuration_management 10.3

novell/zenworks_configuration_management 11 sp1

Published Jul 26, 2012

Tracked Since Feb 18, 2026