CVE-2008-6195

LANDesk Management Suite < 8.80.1.1 - Unauthenticated Path Traversal via PXE TFTP Service

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6195. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in LANDesk Management Suite 8.80.1.1, allowing attackers to access arbitrary files outside the TFTP root directory. The writeup references a binary exploit but does not include actual exploit code.

Description

Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite (LDMS) 8.80.1.1 and earlier allows remote attackers to read arbitrary files via a subdirectory name followed by ".." sequences, a different vulnerability than CVE-2008-1643.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Luigi Auriemma · textremotelinux
https://www.exploit-db.com/exploits/31591

The provided text describes a directory traversal vulnerability in LANDesk Management Suite 8.80.1.1, allowing attackers to access arbitrary files outside the TFTP root directory. The writeup references a binary exploit but does not include actual exploit code.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: LANDesk Management Suite 8.80.1.1
No auth needed
Prerequisites: Network access to the vulnerable TFTP service
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48852
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490390/100/0/threaded
Patch, Vendor Advisory x_refsource_confirm
http://community.landesk.com/support/docs/DOC-2659
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28577

Scores

EPSS 0.0288
EPSS Percentile 85.0%

Details

CWE
CWE-22
Status published
Products (2)
landesk/landesk_management_suite 8.7 (2 CPE variants)
landesk/landesk_management_suite < 8.80.1.1
Published Feb 20, 2009
Tracked Since Feb 18, 2026