Signature Detail

HTTP: LANDesk Management Gateway Arbitrary Command Injection

This signature detects attempts to exploit a known command injection vulnerability in LANDesk Management Gateway. It is due to insufficient sanitization of input received through a POST request. A remote attacker can exploit this by enticing a target user to open a crafted HTML file. In a successful code injection attack, the behavior of the target host is entirely dependent on the intended function of the injected code which could execute within the security context of the logged in user. If the attack is unsuccessful, the vulnerable application could terminate abnormally.

Extended Description

LANDesk Management Gateway is prone to a cross-site request-forgery vulnerability and a cross-site scripting vulnerability. An attacker can exploit the cross-site request forgery issue to alter the settings on affected devices. This may lead to further network-based attacks, including command-injection attacks to the device's underlying operating system, which can lead to a complete compromise of a vulnerable device. The attacker can exploit the cross-site scripting issue to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials. Other attacks are also possible.

Affected Products

• LANDesk Software Landesk Management Gateway 4.0-1.48
• LANDesk Software Landesk Management Gateway 4.2-1.8

References

• BugTraq: 38119
• CVE: CVE-2010-0368