APP: LANDesk ThinkManagement Suite SetTaskLogByFile Directory Traversal
This signature detects attempts to exploit a known vulnerability against LANDesk ThinkManagement Suite. Attackers can traverse arbitrary directories on the server resulting in the attacker accessing areas of the system otherwise unintended to be accessed externally.
Extended Description
Lenovo ThinkManagement Console is prone to multiple security-bypass vulnerabilities. Successfully exploiting these issues will allow attackers to bypass security restrictions and perform unauthorized actions. Lenovo ThinkManagement Console 9.0.3 is vulnerable; other versions may also be affected.
Affected Products
Landesk_software lenovo_thinkmanagement_console
Short Name
APP:LANDESK-THINKMGT-DIRTRVRSAL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2012-1196 Directory LANDesk SetTaskLogByFile Suite ThinkManagement Traversal bid:52023
Release Date
01/09/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Landesk_software
CVSS Score
5.0