Novell ZENworks Configuration Management (ZCM) contains a flaw that allows traversing outside of a restricted path. The issue is due to the /zenworks/UploadServlet script not properly sanitizing user input, specifically path traversal style attacks (e.g. '../') supplied via the 'uid' POST parameter. This may allow a remote attacker to upload arbitrary files. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server.
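The root cause described above is an upload handler that builds a destination path from the client-supplied 'uid' value without rejecting dot-dot segments or re-checking that the result stays under the upload directory. The following Python is an added example, not Novell's ZENworks code: it shows the vulnerable join beside a hardened version (allow-listed uid, base name only, containment check after normalization) and a small log-side detector for the parameter. The upload root path, the uid allow-list pattern and all sample values are assumptions constructed for the example.

```python
"""Path-containment check for an upload handler that derives a directory from a
client-supplied 'uid' parameter. Added example; not Novell/ZENworks code."""
import posixpath
import re
from urllib.parse import unquote

# Hypothetical upload root; the real ZCM location is not stated on the page.
UPLOAD_ROOT = "/var/lib/zenworks/uploads"

# Allow-list for the uid value: no slashes, no dots, bounded length (assumption).
UID_PATTERN = re.compile(r"[A-Za-z0-9_-]{1,64}")


def naive_target(uid: str, filename: str, root: str = UPLOAD_ROOT) -> str:
    """Vulnerable pattern: the uid is trusted verbatim, so '../' segments move the
    destination outside 'root'. Normalized here only to show where the file lands."""
    return posixpath.normpath(posixpath.join(root, uid, filename))


def within_root(path: str, root: str = UPLOAD_ROOT) -> bool:
    """True only if the normalized path is 'root' itself or lies beneath it."""
    root = posixpath.normpath(root)
    path = posixpath.normpath(path)
    return path == root or path.startswith(root + "/")


def safe_target(uid: str, filename: str, root: str = UPLOAD_ROOT) -> str:
    """Hardened pattern: allow-list the uid, keep only the file's base name, then
    re-check containment after normalization (defense in depth)."""
    if not UID_PATTERN.fullmatch(uid):
        raise ValueError(f"rejected uid: {uid!r}")
    base = posixpath.basename(filename)
    if base in ("", ".", ".."):
        raise ValueError(f"rejected filename: {filename!r}")
    candidate = posixpath.normpath(posixpath.join(root, uid, base))
    if not within_root(candidate, root):
        raise ValueError("resolved path escapes upload root")
    return candidate


def looks_like_traversal(raw_uid: str) -> bool:
    """Detection helper for request logs: URL-decode twice (to catch double
    encoding) and flag any dot-dot or path separator in the 'uid' value."""
    decoded = unquote(unquote(raw_uid))
    return ".." in decoded or "/" in decoded or "\\" in decoded


if __name__ == "__main__":
    # Constructed sample values, not captured traffic.
    print(naive_target("../../../../etc", "x.txt"))      # escapes the upload root
    print(safe_target("device-42", "report.txt"))        # stays under the root
    print(looks_like_traversal("%2e%2e%2f%2e%2e%2fetc"))  # True
```

The allow-list on uid is the primary control; the containment check is there so that a later change to how the path is assembled cannot silently reintroduce the escape. The detector is coarse by design and is meant for triaging web-server or WAF logs for the parameter named in the advisory, not as a replacement for fixing the handler.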