Talk:Ivanti
This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||
|
The contents of the Lumension Security page were merged into Ivanti on 6 July 2020. For the contribution history and old versions of the redirected page, please see its history; for the discussion at that location, see its talk page. |
I read last comment about "big-brotherism" syndrom as a "desktop management" problem rather than a "only landesk" problem. I believe this should be cutted from this page pasted into a generical page talking about this market.
Result of AfD discussion was Keep. The person closing the discussion didn't get rid of the AfD template here so I removed it. Crypticfirefly 05:55, 27 February 2007 (UTC)
External links modified
editHello fellow Wikipedians,
I have just modified one external link on LANDESK. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
- Added archive https://archive.is/20120710210645/http://infoworld.com/article/06/04/27/77825_HNavocentbrief_1.html to http://infoworld.com/article/06/04/27/77825_HNavocentbrief_1.html
When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}}
(last update: 5 June 2024).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—InternetArchiveBot (Report bug) 07:38, 14 December 2017 (UTC)
Incorrect logo on page
editThe Wikipedia page as of now is using the logo from LANDesk and not Ivanti's new logo, need to get that changed.
New breach caused by 2 zero-day CVEs found in two products
edit- https://attackerkb.com/topics/AdUh6by52K/cve-2023-46805/rapid7-analysis
- https://www.aktuellsakerhet.se/flera-stora-svenska-verksamheter-hackade-via-ivantis-sarbarhet/
- https://www.helpnetsecurity.com/2024/01/16/ivanti-vpn-compromised/
Multiple large Swedish companies have been affected according to the second link. 1700 devices have been compromised according to the 3rd link.
“Victims are globally distributed and vary greatly in size, from small businesses to some of the largest organizations in the world, including multiple Fortune 500 companies across multiple industry verticals.”
Popen is a well known security risk.
This breach seems entirely caused by absence of any sanitation of input that come from the user which is really basic web security. Never trust the user (there is even an XKCD comic on the subject).
Also, running your home made C++ web server anywhere is a pretty bad idea.
Where are the public reports of pentesting? Such a testing would most probably have unearthed these vulnerabilities very easily, especially if the red team had been given access to the python code in question.
I'm surprised that anyone would pay for or use this product without documentation of proper security review by an external expert that is trusted. So9q (talk) 10:28, 22 January 2024 (UTC)
- If they had used the security linter bandit during development, it would have issued a big fat warning for every Popen call. So9q (talk) 10:37, 22 January 2024 (UTC)
As there has been another massive security breach, CISA has ordered US administration to shut down their systems on short notice, German BSI issuing massive warnings... shouldn´t this be mentioned in the article???
BR, Oliver — Preceding unsigned comment added by 91.217.145.35 (talk) 14:13, 2 February 2024 (UTC)