LANDESK has released patch LD-CR131352-95 to fix the vulnerability found on client systems that are using the LANDESK agent.
Affected Product(s)
LANDESK Management Suite / Security Suite 9.5 and later clients.
Problem:
The vulnerable OpenSSL libraries are used in the LANDESK CBA Client and Remote Control components. However these services operate on non-standard ports. There is also an additional layer of protection afforded by the authentication these services require.
The CBA/Resident Agent components respond to "push" requests from the Core Server to perform certain tasks. These tasks can include inventory scans, software deployments, patching, custom scripts and others. For these requests, additional threads and processes are used, thus limiting the memory available to this vulnerability. The private key for these interactions is stored on the Core Server. LANDESK has been unable find any instance where the private key or user credentials are sent to the Resident Agent.
Resolution:
We will walk you through the recommended way of repairing this vulnerability on your client systems. DO NOT REBUILD YOUR AGENTS AND RE-DEPLOY. Since this is a client side only patch, this would introduce the vulnerability on those systems again. A core side patch will be coming, but is not yet available.
1. Go to your core server and Patch and Compliance.
2. Select Download Updates and make sure LANDESK 9.5 Software Updates is selected.
3. Then change it from All Types to LANDesk updates.
4. Then you will select All Items and search for LD-CR131352. Make sure to move it into the Scan folder.
5. Next you will right-click the definition and select Properties. Right-click the detection rule and select Download Patch. Once downloaded, select ok to return to the previous screen.
6. You will then right-click the definition and select Repair.
7. Choose the Repair options that you would like to use, and then select OK.
8. This will create you a new scheduled task.You will then drag and drop your clients to this task.
9. Right-click your task and select Start Now >> Devices that did not succeed.
10. This will require a reboot of all devices.