Landesk : Security Vulnerabilities, CVEs, (Code Execution)
CVE-2012-1195
Public exploit
Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request, then accessing the file via a direct request to the file in the web root.
Max CVSS
7.5
EPSS Score
68.85%
Published
2012-02-18
Updated
2017-08-29
CVE-2007-1674
Public exploit
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
Max CVSS
10.0
EPSS Score
93.06%
Published
2007-04-18
Updated
2018-10-16
Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.
Max CVSS
10.0
EPSS Score
40.34%
Published
2008-09-18
Updated
2018-10-11
3 vulnerabilities found