Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PatchLink Update Server 'Proxyreg.ASP'认证绕过漏洞
Vulnerability Description
FastPatch for (a) PatchLink Update Server (PLUS) 6.1 P1之前版本及 6.2 SR1 P1之前的6.2.x版本, 以及(b) Novell ZENworks 6.2 SR1及之前版本的FastPatch对dagent/proxyreg.asp不要求认证。远程攻击者可以借助修改的 (1) List, (2) Proxy, 或 (3) Delete 参数,列出、添加或删除PatchLink Distribution Point (PDP) 代理服务器。
CVSS Information
N/A
Vulnerability Type
N/A