
LANDesk Management Gateway GSB Software Vulnerability

VERSION 2

Created on: Feb 3, 2010 11:01 PM by Trevor - Last Modified: Feb 5, 2010 9:36 AM by Trevor

Problem:

A vulnerability in one of the LANDesk Management Gateway pages allows an attacker to perform command injection under certain circumstances. This vulnerability could lead to arbitrary commands being executed in the root context. Versions 4.0-1.48 and 4.2-1.8 of the LANDesk Management Gateway appliance are affected by this flaw.

 

FIX:

LANDesk has released fixes for the 4.0 and 4.2 products. Please apply GSBWEB_61 to your LANDesk Management Gateway to resolve this problem. Please note that these patches are only available through the patch download page on the LANDesk Management Gateway.

 

 

CVE ID:

CVE-2010-0368

CVE-2010-0369

 

Special note:

LANDesk would like to thank Aureliano Calvo and Adrian Manrique from Core Security Technologies for bringing this to our attention.

paul.robison says:

I do have the gateway management device at 4.0-1.48; however, when I query for updates I see none. Has this update not been released yet?

Paul Mitton says:

Is there a way to tell if the update has been applied? I understood the Gateway updated itself automatically. I don't see it available when I run the Update query.

Michael Driver says in response to Paul Mitton:

I just tried applying this patch, as it showed it is available; however, when I select Apply, the update is still there. I have rebooted the appliance and when I select scan for updates, it still shows up as being available.

 

Thanks

BenWall says:

I was apparently successful at applying this patch - how can I verify that the patch is applied? In other words, where can I get some output from the system, that I can then show to my security team, that shows that I have updated to a non-vulnerable version of the management gateway?

 

thanks!

Trevor says in response to BenWall:

There are two ways to validate that the RPM has been applied. You can use the "About" link on the GSB web page, or look in /var/log/rpmupdates.log.

BenWall says in response to Trevor:

Thanks, Trevor - I guess it's the "Web console version" on the "About" link that I'm looking for, right? In the logfile, it uses the package name - gsbweb - but the version numbers match.

paul.robison says:

I was finally able to get this update to show. The problem in my case was that the IP address to patch.landesk.com has changed, so we had to update the firewalls.
