Signature Detail
Short Name |
HTTP:LANDESK-REQ-FORGERY |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
LANDesk Management Gateway Cross Site Request Forgery Vulnerability |
Release Date |
2012/12/02 |
Update Number |
2207 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: LANDesk Management Gateway Cross Site Request Forgery Vulnerability
This signature detects attempts to exploit a known vulnerability in LANDesk Management Gateway. An attacker craft a url that when followed by a user can modify arbitrary records in the database, including user accounts and administrator privileges. A remote attacker can exploit this vulnerability by enticing a user to follow crafted URI, upon successful exploitation the attacker can login to the administrator console with the created account and execute commands with the privileges of the affected service.
Extended Description
LANDesk Management Gateway is prone to a remote command-execution vulnerability because the appliance fails to adequately sanitize user-supplied input. Successful exploitation may allow an attacker to execute arbitrary commands and completely compromise the device. LANDesk Management Gateway 4.0-1.48, 4.2-1.8, 4.0-1.61s and 4.2-1.61 versions are affected.
Affected Products
- LANDesk Software Landesk Management Gateway 4.0-1.48
- LANDesk Software Landesk Management Gateway 4.0-1.61s
- LANDesk Software Landesk Management Gateway 4.2-1.61
- LANDesk Software Landesk Management Gateway 4.2-1.8
References
- BugTraq: 44781
- CVE: CVE-2010-2892