Talk:Ivanti

I read last comment about "big-brotherism" syndrom as a "desktop management" problem rather than a "only landesk" problem. I believe this should be cutted from this page pasted into a generical page talking about this market.

Wikipedia:Articles for deletion/LANDesk

Result of AfD discussion was Keep. The person closing the discussion didn't get rid of the AfD template here so I removed it. Crypticfirefly 05:55, 27 February 2007 (UTC)

External links modified

Hello fellow Wikipedians,

I have just modified one external link on LANDESK. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://archive.is/20120710210645/http://infoworld.com/article/06/04/27/77825_HNavocentbrief_1.html to http://infoworld.com/article/06/04/27/77825_HNavocentbrief_1.html

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 07:38, 14 December 2017 (UTC)

Incorrect logo on page

The Wikipedia page as of now is using the logo from LANDesk and not Ivanti's new logo, need to get that changed.

New breach caused by 2 zero-day CVEs found in two products

• https://attackerkb.com/topics/AdUh6by52K/cve-2023-46805/rapid7-analysis
• https://www.aktuellsakerhet.se/flera-stora-svenska-verksamheter-hackade-via-ivantis-sarbarhet/
• https://www.helpnetsecurity.com/2024/01/16/ivanti-vpn-compromised/

Multiple large Swedish companies have been affected according to the second link. 1700 devices have been compromised according to the 3rd link.

“Victims are globally distributed and vary greatly in size, from small businesses to some of the largest organizations in the world, including multiple Fortune 500 companies across multiple industry verticals.”

Popen is a well known security risk.

This breach seems entirely caused by absence of any sanitation of input that come from the user which is really basic web security. Never trust the user (there is even an XKCD comic on the subject).

Also, running your home made C++ web server anywhere is a pretty bad idea.

Where are the public reports of pentesting? Such a testing would most probably have unearthed these vulnerabilities very easily, especially if the red team had been given access to the python code in question.

I'm surprised that anyone would pay for or use this product without documentation of proper security review by an external expert that is trusted. So9q (talk) 10:28, 22 January 2024 (UTC)

If they had used the security linter bandit during development, it would have issued a big fat warning for every Popen call. So9q (talk) 10:37, 22 January 2024 (UTC)

As there has been another massive security breach, CISA has ordered US administration to shut down their systems on short notice, German BSI issuing massive warnings... shouldn´t this be mentioned in the article??? BR, Oliver — Preceding unsigned comment added by 91.217.145.35 (talk) 14:13, 2 February 2024 (UTC)