What is CVE-2011-3175?

CVE-2011-3175 is a vulnerability in Novell Zenworks_configuration_management, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-04-09.

Is CVE-2011-3175 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Novell Zenworks_configuration_management

CVE-2011-3175

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.

Vulnerability class: Buffer Overflow

EPSS: 0.762 (98.9th percentile) — read the EPSS interpretation.

Affected products

Novell Zenworks_configuration_management — versions 11.1, 11.1a
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
20120314 Novell ZENworks Configuration Management PreBoot Service Opcode 0x6c Stack Buffer Overflow Vulnerability (x_refsource_IDEFENSE, third-party-advisory)
19958 (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2011-3175?: CVE-2011-3175 is a vulnerability in Novell Zenworks_configuration_management, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-04-09.
Is CVE-2011-3175 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.