FKIE_CVE-2005-1543

Vulnerability from fkie_nvd - Published: 2005-05-25 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=111645317713662&w=2
cve@mitre.orghttp://secunia.com/advisories/15433
cve@mitre.orghttp://securitytracker.com/id?1014005
cve@mitre.orghttp://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm
cve@mitre.orghttp://www.rem0te.com/public/images/zen.pdfVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/13678
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/0571
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/20639
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/20644
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/20645
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=111645317713662&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/15433
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1014005
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm
af854a3a-2127-422b-91ae-364da2661108http://www.rem0te.com/public/images/zen.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/13678
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/0571
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/20639
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/20644
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/20645
Impacted products
Vendor Product Version
novell zenworks 6.5
novell zenworks_desktops 3.2
novell zenworks_desktops 4.0
novell zenworks_desktops 4.0.1
novell zenworks_remote_management *
novell zenworks_server_management 6.5
novell zenworks_servers 3.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:zenworks:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C0F6C2-8583-4CE7-A95C-59EB4C948F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_desktops:3.2:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "30674610-D472-44F6-AEFF-4D546C876648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_desktops:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AE10C5-51EA-4E12-939B-88BDA54A8E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_desktops:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D1539-0284-4861-852D-D07AD9A538F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_remote_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48960EE3-A04A-4B40-847D-4EC515CF785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_server_management:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A7A5DD7-BD95-41F7-9138-8EBF2FE31AF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_servers:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17EAFA2-2E03-4B62-8A98-5F706888FA05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests."
    }
  ],
  "id": "CVE-2005-1543",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-25T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=111645317713662\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/15433"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1014005"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.rem0te.com/public/images/zen.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/13678"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/0571"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20639"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20644"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=111645317713662\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/15433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.rem0te.com/public/images/zen.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/13678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/0571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20645"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.