CVE-2010-4229

Name of the Vulnerable Software and Affected Versions Novell ZENworks Configuration Management versions 10.3 through 10.3.2 Novell ZENworks Configuration Management version 11

Description The issue allows remote attackers to overwrite files and subsequently execute arbitrary code via directory traversal sequences in a filename field in an upload request to an unspecified servlet in the Inventory component.

Recommendations For Novell ZENworks Configuration Management versions 10.3 through 10.3.2, update to version 10.3.2 or later. For Novell ZENworks Configuration Management version 11, there is no information about a newer version that contains a fix for this issue.