PT-2005-4537 · Novell · Novell Zenworks For Desktops+3
Publicado
2005-11-23
·
Atualizado
2011-03-08
·
CVE-2005-3786
CVSS v2.0
4.6
Média
| Vetor | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Novell ZENworks for Desktops version 4.0.1
Novell ZENworks for Servers version 3.0.2
Novell ZENworks 6.5 Desktop Management (affected versions not specified)
Description
The issue allows local users to bypass security policies by utilizing Console One due to unrestricted access to Remote Diagnostics.
Recommendations
For Novell ZENworks for Desktops version 4.0.1, restrict access to Remote Diagnostics to prevent local users from bypassing security policies.
For Novell ZENworks for Servers version 3.0.2, restrict access to Remote Diagnostics to prevent local users from bypassing security policies.
For Novell ZENworks 6.5 Desktop Management, restrict access to Remote Diagnostics to prevent local users from bypassing security policies.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Console One
Novell Zenworks 6.5 Desktop Management
Novell Zenworks For Desktops
Novell Zenworks For Servers