Novell ZENworks Patch Management 6.2
While analyzing the patch Novell ZENworks Patch Management > 6.2 SR1 P1 Security Update (22.214.171.124) â TID 10100709
The script /dagent/downloadreport.asp is vulnerable to an SQL injection for the parameters agentid and pass. The previous patch does not fix this issue.
This has been fixed in ZPM version 126.96.36.1990
6-Aug-2013 - tgordon - Removed Reported to Engineering, this TID might be available for deletion since product is no longer supported.