APP: Novell ZENworks Agent Buffer Overflow
This signature detects attempts to exploit a known vulnerability against the ZENworks application by Novell. Attackers can remotely overflow the authentication protocol to execute arbitrary code on the target.
Extended Description
Novell ZENworks is prone to multiple remote pre-authentication buffer overflow vulnerabilities. The issues exist in the 'zenrem32.exe' executable and may be exploited by a remote attacker to execute arbitrary code in the context of the affected service.
Affected Products
Novell zenworks_server_management
Short Name
APP:NOVELL:ZENWORKS-AGENT-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Agent Buffer CVE-2005-1543 Novell Overflow ZENworks bid:13678
Release Date
06/01/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3726
Port
TCP/0-79,81-442,444-3127,3129-7999,8001-8079,8081-65535
False Positive
Unknown
Vendors
Novell
CVSS Score
7.5