Signature Detail

Short Name	APP:NOVELL:ZENWORKS-AGENT-OF
Severity	High
Recommended	No
Recommended Action	Drop
Category	APP
Keywords	Novell ZENworks Agent Buffer Overflow
Release Date	2005/06/01
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Novell ZENworks Agent Buffer Overflow

This signature detects attempts to exploit a known vulnerability against the ZENworks application by Novell. Attackers can remotely overflow the authentication protocol to execute arbitrary code on the target.

Extended Description

Novell ZENworks is prone to multiple remote pre-authentication buffer overflow vulnerabilities. The issues exist in the 'zenrem32.exe' executable and may be exploited by a remote attacker to execute arbitrary code in the context of the affected service.

Affected Products

Novell ZENworks Desktop Management 6.5.0
Novell ZENworks for Desktops 3.2.0 SP2
Novell ZENworks for Desktops 4.0.0
Novell ZENworks for Desktops 4.0.1
Novell ZENworks for Servers 3.2.0
Novell ZENworks Remote Management
Novell ZENworks Server Management 6.5.0

References

BugTraq: 13678
CVE: CVE-2005-1543
URL: http://www.rem0te.com/public/images/zen.pdf
URL: http://www.securityfocus.com/bid/13678
URL: http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: Novell ZENworks Agent Buffer Overflow

Extended Description

Affected Products

References