Novell ZENworks Handheld Management 'ZfHIPCND.exe' Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with Novell ZENworks Handheld Management and is prone to buffer overflow vulnerability.

Impact

Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM privileges or cause denial of service. Impact Level: Application/System

Solution

Apply the patch, available from below link, http://download.novell.com/Download?buildid=Sln2Lkqslmk~ ***** NOTE: Ignore this warning, if above mentioned patch is manually applied. *****

Insight

The flaw exists within module 'ZfHIPCND.exe', which allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400.

Affected

Novell ZENworks Handheld Management 7

References

http://secunia.com/advisories/42130
http://www.novell.com/support/viewContent.do?externalId=7007135
http://www.securitytracker.com/id?1024691
http://www.zerodayinitiative.com/advisories/ZDI-10-230/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4299
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

avast! Multiple Vulnerabilities - Oct09 (Win)
Adobe Photoshop Multiple Buffer Overflow Vulnerabilities
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
ChaSen Buffer Overflow Vulnerability (Linux)
Anzio Web Print Object ActiveX Control Remote BOF Vulnerability

Take action and discover your vulnerabilities