Security Update for ZPM Update Agent for Linux/Unix/Mac 6.x

  • 3908994
  • 18-Feb-2008
  • 30-Apr-2012

Environment

Novell ZENworks Patch Management 6.2 - ZPM6.2
Novell ZENworks Patch Management 6.3 - ZPM6.3
Novell ZENworks Patch Management 6.4 - ZPM6.4

Situation

Description
A Security patch update has been released for ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.x. Customers are recommended to install this security update at their earliest opportunity.

Applies To:ZPM Update Agent for Unix/Linux/Mac 6.x

Additional Information

Details
Patch Name:
LSA20080201 - Security Update for ZPM Update Agent for LUM 6.x

Impact:Important

CVE:CVE-2008-0525

Description:Below are the list of fixes included in this security update:

Lumension KB528: Symlink vulnerability found in logtrimmer script (40628)
Lumension KB527: The rebootTask contains a symlink vulnerability where a user can run malicious code. (40644)

Systems Affected

ZPM Update Agent for Linux/Unix/Mac 6.4102
ZPM Update Agent for Linux/Unix/Mac 6.3450
ZPM Update Agent for Linux/Unix/Mac 6.2094
Installation
Engineering has created the following fixes which are available from your ZPM Update Server.
Patch NamePatch Description
Security Update for ZPM Update Agent for LUM6.x (non-HPUX)
Security update that is only applicable to non HP-UX operating systems.
Security Update for ZPM Update Agent for LUM6.x (HPUX)
Security update that is only applicable to HP-UX operating systems.


Future Fix
These security updates will be available in the ZPM Update Server 6.4 Service Pack 1 (SP1). Customers are encouraged to upgrade to the latest version of the ZPM Update Server 6.4 software to keep up-to-date.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.