Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow
17 Jan. 2013
Remote exploitation of a stack based buffer overflow vulnerability in Novell Inc.'s ZENworks Configuration Management could allow an attacker to execute arbitrary code with the privileges of the affected service.
The information has been provided by Luigi Auriemma.
*Novell ZENworks Configuration Management version 18.104.22.1682
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the affected service. The service runs under a special create created by the installer, which is a member of the Administrators group. In order to exploit this vulnerability, an attacker needs the ability to connect to the target over ports 3037. No authentication is necessary. Exploitation is relatively simple, as the vulnerability is a stack based buffer overflow. It is possible to overwrite various pointers located on the stack, and to corrupt the saved instruction pointer.