HTTP: LANDesk Management Suite Remote File Inclusion
This signature detects attempts to exploit a known vulnerability in LANDesk Management Suite. Successful exploitation could lead to arbitrary code execution.
Extended Description
The admin interface in Landesk Management Suite 9.6 and earlier allows remote attackers to conduct remote file inclusion attacks involving ASPX pages from third-party sites via the d parameter to (1) ldms/sm_actionfrm.asp or (2) remote/frm_coremainfrm.aspx; or the (3) top parameter to remote/frm_splitfrm.aspx.
Affected Products
Landesk landesk_management_suite
Short Name
HTTP:LANDESK-REMOTE-FILE-INC
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2014-5362 File Inclusion LANDesk Management Remote Suite
Release Date
02/11/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Landesk
CVSS Score
6.5