LANDesk ThinkManagement Suite ServerSetup.asmx Directory Traversal (CVE-2012-1195)

A directory traversal vulnerability has been reported in LANDesk Lenovo ThinkManagement Suite...

LANDesk ThinkManagement Suite ServerSetup.asmx Directory Traversal

Added: 04/27/2012 CVE: CVE-2012-1195 BID: 52023 OSVDB: 79276 Background LANDesk Lenovo ThinkManagement Console provides hardware discovery, comprehensive inventory, and reporting for Lenovo systems. Problem LANDesk Lenovo ThinkManagement Console runs a web application under the Microsoft IIS web...

LANDesk Lenovo ThinkManagement Console Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

DSquare Exploit Pack: D2SEC_THINKMNGT

Name| d2secthinkmngt ---|--- CVE| CVE-2012-1195 Exploit Pack| D2ExploitPack Description| LANDesk Lenovo ThinkManagement 9.0.3 File Upload Vulnerability Notes|...

CVE-2012-1195

CVE-2012-1195 affects Lenovo ThinkManagement Console 9.0.3. The flaw is in ServerSetup.asmx under the landesk/managementsuite/core/core.anonymous/ path, where RunAMTCommand with -PutUpdateFileCore enables an unauthenticated remote attacker to upload an ASP payload and access it in the web root, l...