Novell ZENworks Asset Management File Upload Directory Traversal (CVE-2010-4229)

Vulnerability
Protection

Check Point Reference:	CPAI-2011-331
Date Published:
Severity:
Source:
Industry Reference(s):	CVE-2010-4229
Protection Provided by:	Security Gateway R75
Who is Vulnerable? Novell ZENworks Configuration Management prior to 10.3.2
Vulnerability Description A directory traversal vulnerability has been reported in Novell ZENworks Configuration Management. The vulnerability is triggered when the application processes specially crafted POST request. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the vulnerable system with the privileges of the Administrator user.

Vulnerability Details
This is a directory traversal vulnerability in Novell ZENworks Configuration Management. The vulnerability is caused due to improper handling of path names when uploading files via ZENworks Asset Management.

Protection Overview
This protection detects and blocks attempts to upload specially crafted files to the target system.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R75 / R71 / R70

How Can I Protect My Network?
1. In the IPS tab, click Protections and find the Novell ZENworks Asset Management File Upload Directory Traversal protection using the Search tool and Edit the protection's settings.
2. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack: Application Servers Protection Violation
Attack Information: Novell ZENworks asset management file upload directory traversal

Legal Notice for Threat Center Advisories