Sign-up

ID

VAR-200505-0878


CVE

CVE-2005-1543


TITLE

Novell ZENworks Multiple remote overflow vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200505-1199

DESCRIPTION

Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests. Novell ZENworks is prone to multiple remote pre-authentication buffer overflow vulnerabilities. The issues exist in the 'zenrem32.exe' executable and may be exploited by a remote attacker to execute arbitrary code in the context of the affected service. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Novell ZENworks Remote Management Buffer Overflows SECUNIA ADVISORY ID: SA15433 VERIFY ADVISORY: http://secunia.com/advisories/15433/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network SOFTWARE: Novell ZENworks Desktop Management 6.x http://secunia.com/product/4134/ Novell ZENworks for Desktops 4.x http://secunia.com/product/1246/ Novell ZENworks for Servers 3 http://secunia.com/product/1247/ Novell ZENworks Server Management 6.x http://secunia.com/product/5120/ DESCRIPTION: Alex Wheeler has reported some vulnerabilities in ZENworks products, which can be exploited by malicious people to compromise a vulnerable system. These can be exploited to cause heap-based and stack-based buffer overflows by sending some specially crafted traffic. Successful exploitation allows execution of arbitrary code. PROVIDED AND/OR DISCOVERED BY: Alex Wheeler ORIGINAL ADVISORY: Alex Wheeler: http://www.rem0te.com/public/images/zen.pdf Novell: http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-1543 // BID: 13678 // VULMON: CVE-2005-1543 // PACKETSTORM: 37674

AFFECTED PRODUCTS

vendor:novellmodel:zenworks server managementscope:eqversion:6.5

Trust: 1.9

vendor:novellmodel:zenworksscope:eqversion:6.5

Trust: 1.6

vendor:novellmodel:zenworks desktopsscope:eqversion:4.0

Trust: 1.6

vendor:novellmodel:zenworks desktopsscope:eqversion:3.2

Trust: 1.6

vendor:novellmodel:zenworks serversscope:eqversion:3.2

Trust: 1.6

vendor:novellmodel:zenworks desktopsscope:eqversion:4.0.1

Trust: 1.6

vendor:novellmodel:zenworks remote managementscope:eqversion:*

Trust: 1.0

vendor:novellmodel:zenworks remote managementscope: - version: -

Trust: 0.9

vendor:novellmodel:zenworks for serversscope:eqversion:3.2

Trust: 0.3

vendor:novellmodel:zenworks for desktopsscope:eqversion:4.0.1

Trust: 0.3

vendor:novellmodel:zenworks for desktopsscope:eqversion:4.0

Trust: 0.3

vendor:novellmodel:zenworks for desktops sp2scope:eqversion:3.2

Trust: 0.3

vendor:novellmodel:zenworks desktop managementscope:eqversion:6.5

Trust: 0.3

sources: BID: 13678 // NVD: CVE-2005-1543 // CNNVD: CNNVD-200505-1199

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2005-1543
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200505-1199
value: HIGH

Trust: 0.6

VULMON: CVE-2005-1543
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: TRUE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

VULMON: CVE-2005-1543
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULMON: CVE-2005-1543 // NVD: CVE-2005-1543 // CNNVD: CNNVD-200505-1199

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1543

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-1199

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200505-1199

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2005-1543

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-2005-1543

EXTERNAL IDS
db:BIDid:13678
Trust: 2.0
db:NVDid:CVE-2005-1543
Trust: 2.0
db:SECUNIAid:15433
Trust: 1.8
db:VUPENid:ADV-2005-0571
Trust: 1.7
db:SECTRACKid:1014005
Trust: 1.7
db:XFid:20645
Trust: 0.6
db:XFid:2
Trust: 0.6
db:XFid:20644
Trust: 0.6
db:XFid:1
Trust: 0.6
db:XFid:20639
Trust: 0.6
db:BUGTRAQid:20050518 NOVELL ZENWORKS MULTIPLE =?UTF-8?Q?REM=C3=98TE?= STACK & HEAP OVERFLOWS
Trust: 0.6
db:CNNVDid:CNNVD-200505-1199
Trust: 0.6
db:EXPLOIT-DBid:16815
Trust: 0.1
db:VULMONid:CVE-2005-1543
Trust: 0.1
db:PACKETSTORMid:37674
Trust: 0.1
sources:
            
            
            VULMON: CVE-2005-1543 // 
            
            
            
            BID: 13678 // 
            
            
            
            PACKETSTORM: 37674 // 
            
            
            
            NVD: CVE-2005-1543 // 
            
            
            
            CNNVD: CNNVD-200505-1199

REFERENCES
url:http://www.rem0te.com/public/images/zen.pdf
Trust: 2.1
url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm
Trust: 2.1
url:http://www.securityfocus.com/bid/13678
Trust: 1.7
url:http://securitytracker.com/id?1014005
Trust: 1.7
url:http://secunia.com/advisories/15433
Trust: 1.7
url:http://www.vupen.com/english/advisories/2005/0571
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=111645317713662&w=2
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/20645
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/20644
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/20639
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/20645
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/20644
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/20639
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2005/0571
Trust: 0.6
url:http://marc.theaimsgroup.com/?l=bugtraq&m=111645317713662&w=2
Trust: 0.6
url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971493.htm
Trust: 0.3
url:/archive/1/400207
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=9241
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/16815/
Trust: 0.1
url:https://www.rapid7.com/db/modules/exploit/windows/novell/zenworks_desktop_agent
Trust: 0.1
url:http://secunia.com/product/5120/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/1246/
Trust: 0.1
url:http://secunia.com/advisories/15433/
Trust: 0.1
url:http://secunia.com/product/1247/
Trust: 0.1
url:http://secunia.com/secunia_vacancies/
Trust: 0.1
url:http://secunia.com/product/4134/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2005-1543 // 
            
            
            
            BID: 13678 // 
            
            
            
            PACKETSTORM: 37674 // 
            
            
            
            NVD: CVE-2005-1543 // 
            
            
            
            CNNVD: CNNVD-200505-1199

CREDITS
Alex Wheeler
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200505-1199

SOURCES
db:VULMONid:CVE-2005-1543
db:BIDid:13678
db:PACKETSTORMid:37674
db:NVDid:CVE-2005-1543
db:CNNVDid:CNNVD-200505-1199

LAST UPDATE DATE
2023-12-18T10:58:15.490000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2005-1543date:2017-07-11T00:00:00
db:BIDid:13678date:2009-07-12T14:56:00
db:NVDid:CVE-2005-1543date:2017-07-11T01:32:41.470
db:CNNVDid:CNNVD-200505-1199date:2005-10-20T00:00:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2005-1543date:2005-05-25T00:00:00
db:BIDid:13678date:2005-05-18T00:00:00
db:PACKETSTORMid:37674date:2005-05-29T20:22:44
db:NVDid:CVE-2005-1543date:2005-05-25T04:00:00
db:CNNVDid:CNNVD-200505-1199date:2005-05-25T00:00:00