Intrusion Prevention

Novell.ZENworks.Desktop.Management.TFTPD.Buffer.Overflow

Description

This indicates an attack attempt against a buffer overflow in Novell ZENworks Desktop Management.
The vulnerability is caused by a boundary error in the TFTPD server component which listens by default on UDP port 69. It allows an attack to execute arbitrary code by sending a specially crafted request to the affected service.

Affected Products

Novell ZENworks Desktop Management 7 SP1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
http://www.novell.com/products/zenworks/

CVE References

CVE-2010-4323

Other References

SA42598