Rapid7 researcher Juan Vazquez recently uncovered a zero-day security flaw in Novell ZENworks Asset Management 7.5. This Vulnerability (CVE-2012-4933) gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credentials in clear text.
ZENworks Asset Management provides a Web Console, where the user can access the data collected about network devices and edit some information. This web interface provides some maintenance calls, two of them accessible with hardcoded credentials, allowing a remote attacker to retrieve any file from the remote file system with SYSTEM privileges and to get configuration parameters from the ZENworks Asset Management including the backend credentials in clear text.
The vulnerability currently remains unpatched and US CERT recommends that users implement firewall rules that will restrict access to the web interface by unauthorised users.
Read here, more about exploitation of this vulnerability and find two auxiliary modules that will give Metasploit users the ability to test their ZENworks software.
