Novell ZENworks appliance Vulnerability - CAN-1999-0618

  • 7013210
  • 05-Sep-2013
  • 05-Sep-2013


Novell ZENworks Configuration Management 11.2


A potential vulnerability has been found with the ZENworks Appliance server.


Disable the rexecd service if not required for business functionality, or apply access control to block unauthorized connections from connecting to the service.  ZENworks Appliance does not need this service for its functionality. Disable the feature by issuing the command 'chkconfig rexec off'


The rexecd service is running. The rexecd service does  not provide strong authentications measures, and can be used by an attacker to scan third party hosts.

Additional Information