Intrusion Prevention

ManageEngine.Desktop.Central.MSP.Directory.Traversal

Description

This indicates an attack attempt against an Path Traversal vulnerability in ManageEngine Desktop Central.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP packet. It allows a remote attacker to execute malicious codes against affected machine via crafted requests.

Affected Products

ManageEngine DesktopCentral prior to build 90104

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor
http://www.manageengine.com/desktop-management-msp/service-packs.html

CVE References

CVE-2014-9404