Landesk : Security Vulnerabilities, CVEs, (Code Execution)

CVE-2012-1195

Public exploit
Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request, then accessing the file via a direct request to the file in the web root.
Max CVSS
7.5
EPSS Score
68.85%
Published
2012-02-18
Updated
2017-08-29

CVE-2007-1674

Public exploit
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
Max CVSS
10.0
EPSS Score
93.06%
Published
2007-04-18
Updated
2018-10-16

CVE-2008-2468

Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.
Max CVSS
10.0
EPSS Score
40.34%
Published
2008-09-18
Updated
2018-10-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close