Vulnerability in Intel QIP Service

VERSION 1

Created on: Sep 12, 2008 9:25 AM by Beau - Last Modified:  Sep 12, 2008 9:27 AM by Beau

Problem:

A vulnerability in the Intel QIP Service could allow remote code execution. This vulnerability affects LANDesk Management Suite, LANDesk Security Suite, and LANDesk Server Manager 8.8 and earlier.

 

FIX:

LANDesk has released fixes for versions 8.7 and 8.8 of the above-mentioned products. If you are using a version earlier than these two, please upgrade to the latest version to avoid this vulnerability.

 

For 8.7 Download SWD-1620987.5

For 8.8 Download SWD-1620988.2

 

 

CVE ID:

CVE-2008-2468

 

Special note:

LANDesk would like to thank TippingPoint and Aaron Portnoy for reporting this issue.

 

MarXtar MarXtar  says:

Can you add a link to the vulnerability information?  Also, will these patches and vulnerabilities appear as patch manager content?

Cottroad Cottroad  says:

Does this patch require SP2 to be installed on 8.8 (i.e. will the pre-requisite check refuse to install if you have either no ServicePack or SP1)?

 

Thanks

Trevor Trevor  says:

We are working on getting this added to the Patch Management content. Also, the LDMS 8.8 fix requires SP2 to be installed for the setup to run. You can try just replacing your existing QIP service with the one in the ZIP, but be aware that that was not tested.

Matt Johnson Matt Johnson  says:

We installed the patch on the server with no problem.  According to the readme file, it says to install the patch on the additional consoles.  When we try to run it, the installer tells us that we need to have SP2 installed.  We already have it installed.

chad chad  says:

This patch is for the core only.  The remote console doesn't have the qipsrvr.exe installed.

jstrain jstrain  says:

We are running 8.7 sp4.  The readme in the patch says it is a post sp5 patch.  We are not planning on going to sp5 (we plan on moving to 8.8 instead).  Do we need to patch our 8.7 sp4 core with the qip service patch listed here?

chad chad  says in response to jstrain:

The patch is for a post SP5 core server.  To apply the patch, you will first need to update to SP5.  You can try just replacing the qipsrvr.exe per Trevor's comment above, but be aware that is not tested.  I would not recommend it.

MTFC MTFC  says:

Anyway, what is the Intel QIP Service?

I couldn't find information on what the Intel QIP Server Service does.

Does anybody know?

Trevor Trevor  says in response to MTFC:

The Intel QIP service is used by legacy clients (8.6 and earlier) so that they can communicate their software distribution status. The service was also used for the old software distribution package healing feature.

atabler0001 atabler0001  says:

I have been working on this issue for a couple of days now.  I had LanDesk 8.8 (not even SP1), and was not able to install this update.  It gave me an error during installation needing SP2.  So, I installed SP3 and again was not able to install this update.  This patch is included in the SP3 update, by the way.  However, security scanning software will disregard SP3 and look for a specific registry key that this patch creates.  I use Retina Scan.  Without this key, Retina scan will ALWAYS report this as a vulnerability.

 

Anyways, for those of you that want this to install and have the same problem as I did, just do this... open up the registry and navigate to:

 

HKEY_LOCAL_MACHINE\SOFTWARE\LANDesk\ManagementSuite\Setup\Version\Patches

 

Create a string value of "LANDESK Software 8.8 - Service Pack 2" with the data value of 8.8-SP2

 

The installation will now run.  Additionally, all the installation does is replace the qipsrvr.exe file and create a registry value in:

 

HKEY_LOCAL_MACHINE\SOFTWARE\LANDesk\ManagementSuite\Setup\Version\Patches

 

String value: CR16209 - qipsrvr.exe

Data: 8.80.2.4

 

Hope this helps out!

 

Andrew
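
A check that compares the registry marker quoted in the comment above with the qipsrvr.exe actually on disk, since a registry value on its own does not show that the binary was replaced. This is an added example, not part of the original thread or LANDesk's tooling: the function and parameter names are hypothetical, the path to qipsrvr.exe must be supplied because the thread does not give it, and it assumes the marker data (8.80.2.4) is the file version of the patched binary.

```powershell
# Added example; function and parameter names are hypothetical, not LANDesk's.
function Get-QipPatchState {
    param(
        # Path to qipsrvr.exe on the core server (not given in the thread).
        [Parameter(Mandatory = $true)][string]$BinaryPath,
        # Registry key and value name as quoted in the thread.
        [string]$Key  = 'HKLM:\SOFTWARE\LANDesk\ManagementSuite\Setup\Version\Patches',
        [string]$Name = 'CR16209 - qipsrvr.exe'
    )

    # Read the patch marker; GetValue returns $null when the value is absent.
    $markerData = $null
    if (Test-Path -LiteralPath $Key) {
        $markerData = (Get-Item -LiteralPath $Key).GetValue($Name)
    }

    # Read the version resource of the binary that is actually on disk.
    $fileVersion = $null
    if (Test-Path -LiteralPath $BinaryPath -PathType Leaf) {
        $vi = (Get-Item -LiteralPath $BinaryPath).VersionInfo
        $parts = $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
        $fileVersion = New-Object System.Version -ArgumentList $parts
    }

    # Assumption: the marker data is the version of the patched file.
    $markerVersion = $null
    if ($markerData) { try { $markerVersion = [version][string]$markerData } catch { } }

    if (-not $fileVersion)                   { $state = 'BinaryNotFound' }
    elseif (-not $markerData)                { $state = 'MarkerMissing' }
    elseif (-not $markerVersion)             { $state = 'MarkerUnparseable' }
    elseif ($fileVersion -lt $markerVersion) { $state = 'MarkerPresentButBinaryOlder' }
    else                                     { $state = 'Consistent' }

    [pscustomobject]@{
        State       = $state
        MarkerData  = $markerData
        FileVersion = $fileVersion
        BinaryPath  = $BinaryPath
    }
}

# Usage (placeholder path, replace with the real location on your core):
# Get-QipPatchState -BinaryPath '<path to qipsrvr.exe>'
```

A result of `MarkerPresentButBinaryOlder` means a scanner that only reads the registry would report the host as patched while the old service binary is still in place.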
