CVE-2013-3706 Information

Description

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname aka ZDI-CAN-1595.

Reference

http://www.novell.com/support/kb/doc.php?id=7014663 http://www.securityfocus.com/bid/65912