header-logo
Suggest Exploit
vendor:
Management Suite
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Management Suite
Affected Version From: 8.80.1.1
Affected Version To: 8.80.1.1
Patch Exists: YES
Related CWE: N/A
CPE: a:landesk:management_suite
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

LANDesk Management Suite Directory Traversal Vulnerability

LANDesk Management Suite is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access arbitrary files outside of the TFTP application's root directory. This can expose sensitive information that could help the attacker launch further attacks.

Mitigation:

Input validation should be used to prevent directory traversal attacks. Additionally, access to sensitive files should be restricted.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/28577/info

LANDesk Management Suite is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows an attacker to access arbitrary files outside of the TFTP application's root directory. This can expose sensitive information that could help the attacker launch further attacks.

LANDesk Management Suite 8.80.1.1 is vulnerable; other versions may also be affected. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31591.zip

Navigation

Suggest Exploit

Services By CQR