PT-2005-4537 · Novell · Novell Zenworks For Desktops+3
Published
2005-11-23
·
Updated
2011-03-08
·
CVE-2005-3786
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Novell ZENworks for Desktops version 4.0.1
Novell ZENworks for Servers version 3.0.2
Novell ZENworks 6.5 Desktop Management (affected versions not specified)
Description
The issue allows local users to bypass security policies by utilizing Console One due to unrestricted access to Remote Diagnostics.
Recommendations
For Novell ZENworks for Desktops version 4.0.1, restrict access to Remote Diagnostics to prevent local users from bypassing security policies.
For Novell ZENworks for Servers version 3.0.2, restrict access to Remote Diagnostics to prevent local users from bypassing security policies.
For Novell ZENworks 6.5 Desktop Management, restrict access to Remote Diagnostics to prevent local users from bypassing security policies.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Console One
Novell Zenworks 6.5 Desktop Management
Novell Zenworks For Desktops
Novell Zenworks For Servers