Lucene search

[email protected]NVD:CVE-2007-2136

HistoryApr 22, 2007 - 7:19 p.m.

CVE-2007-2136

2007-04-2219:19:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.281

Percentile

96.9%

JSON

Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.

Affected configurations

Nvd

Node

bmcpatrol_perform_agent

VendorProductVersionCPE
bmcpatrol_perform_agent*cpe:2.3:a:bmc:patrol_perform_agent:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bmc	patrol_perform_agent	*	cpe:2.3:a:bmc:patrol_perform_agent::::::::

References

secunia.com/advisories/24937

securityreason.com/securityalert/2598

www.securityfocus.com/archive/1/466222/100/0/threaded

www.securityfocus.com/bid/23557

www.securitytracker.com/id?1017934

www.vupen.com/english/advisories/2007/1457

www.zerodayinitiative.com/advisories/ZDI-07-019.html

exchange.xforce.ibmcloud.com/vulnerabilities/33745

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.281

Percentile

96.9%

JSON

Related for NVD:CVE-2007-2136

zdi1 prion1 securityvulns2 cve1 cvelist1