What is CVE-2011-3176?

CVE-2011-3176 is a vulnerability in Novell Zenworks_configuration_management, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-04-09.

Is CVE-2011-3176 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Novell Zenworks_configuration_management

CVE-2011-3176

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.

Vulnerability class: Buffer Overflow

EPSS: 0.836 (99.3th percentile) — read the EPSS interpretation.

Affected products

Novell Zenworks_configuration_management — versions 11.1, 11.1a
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

20120314 Novell ZENworks Configuration Management PreBoot Service Opcode 0x4c Stack Buffer Overflow Vulnerability (x_refsource_IDEFENSE, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
19959 (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2011-3176?: CVE-2011-3176 is a vulnerability in Novell Zenworks_configuration_management, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-04-09.
Is CVE-2011-3176 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.