CVE-2012-2215

Novell Zenworks Configuration Management - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.

Exploits (2)

metasploit WORKING POC

by Luigi Auriemma, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/misc/zenworks_preboot_fileaccess.rb

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Stephen Fewer, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/novell/zenworks_preboot_op21_bof.rb

View Code ZIP pw:eip

References (5)

[Patch] http://download.novell.com/Download?buildid=rs4B5jhWKf8~

[Patch] http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5127930.html

[Vendor Advisory] http://www.novell.com/support/viewContent.do?externalId=7010044

[Various Sources] http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=975

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74189

Scores

EPSS 0.3539

EPSS Percentile 97.1%

Details

CWE

CWE-22

Status published

Products (2)

novell/zenworks_configuration_management 11.1

novell/zenworks_configuration_management 11.1a

Published Apr 09, 2012

Tracked Since Feb 18, 2026