LANDesk has released a security fix for a vulnerability reported for the LANDesk Management Gateway which under certain conditions, will allows an attacker to perform command injection. This could lead to arbitrary commands to be executed under the root context. A fix has been made available and the original advisory posted here.

Affected versions:

LANDesk management Gateway Appliance 4.0-1.48 & 4.2-1.8
-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org