Short Name |
APP:NOVELL:ZENWORKS-MOBILE-LFI |
---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Novell Zenworks Mobile Device Managment Local File Inclusion |
Release Date |
2013/06/20 |
Update Number |
2275 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vsrx-12.1+ |
This signature detects attempts to exploit a known local file inclusion vulnerability in the Novell Zenworks Mobile Device Managment. It is due to insufficient validation of user-supplied input. A successful attack can result in arbitrary code execution and loss of sensitive information.
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.