Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Novell
  • Zenworks Servers
  • Zenworks Desktops
  • Zenworks

Configuration 1 [-]

OR cpe:2.3:a:novell:zenworks:6.5:*:*:*:*:*:*:*
cpe:2.3:a:novell:zenworks_desktops:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:zenworks_servers:3.0.2:*:*:*:*:*:*:*
References
Link Resource
http://secunia.com/advisories/17700 Patch Vendor Advisory
http://securitytracker.com/id?1015260
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098818.htm Patch Vendor Advisory
http://www.securityfocus.com/bid/15540
http://www.vupen.com/english/advisories/2005/2544
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-11-23T23:00:00

Updated: 2009-02-26T10:00:00

Reserved: 2005-11-23T00:00:00

Link: CVE-2005-3786

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2005-11-23T23:03:00.000

Modified: 2011-03-08T02:27:10.377

Link: CVE-2005-3786

JSON object: View

cve-icon Redhat Information

No data.

CWE