datenschrott
CODE WHITE GmbHYes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti https://code-white.com/blog/ivanti-desktop-and-server-management/
CODE WHITE | Analyzing the Attack Surface of Ivanti's DSM
Ivanti's Desktop & Server Management (DSM) product is an old acquaintance that we have encountered in numerous red team and internal assessments. The main purpose of the product is the centralized distribution of software packages. In our blog post *Analyzing the Attack Surface of Ivanti's DSM* we take a look at the software from an attacker's perspective. We discuss common misconfigurations, uncover the technical details of two vulnerabilities we identified and provide recommendations to harden existing DSM environments.