Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > October 2005 > Novell - ZENworks Patch Management SQL Injection vulnerability [TID10099318]

October 2005

Novell - ZENworks Patch Management SQL Injection vulnerability [TID10099318]

ID: 00965
Ref: 903/05
Date: 31 October 2005:15:16:14
Version: 1
Title: Novell - ZENworks Patch Management SQL Injection vulnerability [TID10099318]
Abstract: Novell have published a technical information document regarding an SQL injection vulnerability in ZPM 6.0.0.52.
Vendors affected: Novell
Operating systems affected: Novell
Applications affected: Novell

Title
=====
Novell - ZENworks Patch Management SQL Injection vulnerability [TID10099318]


Detail
======

Novell have published a technical information document regarding an SQL injection
vulnerability in ZPM 6.0.0.52. the following is an extract from the document:

"The identified SQL Injection issue has been remedied in the 6.1 and 6.2 releases
and we recommend customers who are currently using Version 6.0 or earlier releases
to upgrade to ZENworks Patch Management 6.1 or 6.2 version."

The full document can be view at the following URL:
http://support.novell.com/cgi-bin/search/searchtid.cgi?10099318.htm



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |