Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell ZENworks Configuration Management UploadServlet 目录遍历漏洞
Vulnerability Description
Novell ZENworks Configuration Management(ZCM)是美国Novell公司的一套配置管理解决方案。该方案可借助集成工具,在物理、虚拟和云环境中实现IT管理和业务流程的自动化。 Novell ZCM 10版本和11.3.2之前11版本的UploadServlet中存在目录遍历漏洞。远程攻击者可借助‘type’参数中特制的目录名、‘filename’参数中的WAR文件名和POST数据中的WAR内容,利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A