The admin interface in Landesk Management Suite 9.6 and earlier allows remote attackers to conduct remote file inclusion attacks involving ASPX pages from third-party sites via the d parameter to (1) ldms/sm_actionfrm.asp or (2) remote/frm_coremainfrm.aspx; or the (3) top parameter to remote/frm_splitfrm.aspx.
Max CVSS
7.2
EPSS Score
5.91%
Published
2017-09-19
Updated
2018-10-09
Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite (LDMS) 8.80.1.1 and earlier allows remote attackers to read arbitrary files via a subdirectory name followed by ".." sequences, a different vulnerability than CVE-2008-1643.
Max CVSS
7.8
EPSS Score
1.33%
Published
2009-02-20
Updated
2018-10-11
Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.
Max CVSS
10.0
EPSS Score
40.34%
Published
2008-09-18
Updated
2018-10-11

CVE-2007-1674

Public exploit
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
Max CVSS
10.0
EPSS Score
93.68%
Published
2007-04-18
Updated
2018-10-16
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!