Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: InfoSec Handlers Diary Blog - LANDesk Management Gateway Vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

LANDesk Management Gateway Vulnerability

Published: 2010-02-06
Last Updated: 2010-02-06 20:30:23 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

LANDesk has released a security fix for a vulnerability reported for the LANDesk Management Gateway which under certain conditions, will allows an attacker to perform command injection. This could lead to arbitrary commands to be executed under the root context. A fix has been made available and the original advisory posted here.

Affected versions:

LANDesk management Gateway Appliance 4.0-1.48 & 4.2-1.8
-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

0 comment(s)
Diary Archives