CVE-2011-3175
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 66%
from disclosure to weapon102 days
Published on NVDApr 9
1st PoC+102d
metasploitFeb 22
exploitation probability
66%top 1% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencewww.exploit-db.com/exploits/19958unverifiedexploitdbwww.exploit-db.com/exploits/19959unverifiedexploitdbwww.exploit-db.com/exploits/19958unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://download.novell.com/Download?buildid=rs4B5jhWKf8~http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5127930.htmlhttp://www.exploit-db.com/exploits/19958http://www.novell.com/support/viewContent.do?externalId=7010044http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=973