Vulnerability Description
Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Zenworks | 6.5 |
| Novell | Zenworks Desktops | 4.0.1 |
| Novell | Zenworks Servers | 3.0.2 |
References
- http://secunia.com/advisories/17700PatchVendor Advisory
- http://securitytracker.com/id?1015260
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098818.htmPatchVendor Advisory
- http://www.securityfocus.com/bid/15540
- http://www.vupen.com/english/advisories/2005/2544
- http://secunia.com/advisories/17700PatchVendor Advisory
- http://securitytracker.com/id?1015260
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098818.htmPatchVendor Advisory
- http://www.securityfocus.com/bid/15540
- http://www.vupen.com/english/advisories/2005/2544
FAQ
What is CVE-2005-3786?
CVE-2005-3786 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies...
How severe is CVE-2005-3786?
CVE-2005-3786 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3786?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Zenworks, Novell Zenworks Desktops, Novell Zenworks Servers.