asg-sentry <= 7.0.0 - Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: ASG-Sentry http://www.asg-sentry.com Versions: = 7.0.0 Platforms: Windows and Unix Bugs: A arbitrary files deleting B heap-overflow in FxAgent C termination of FxIAList D buffer-overflow in FxIAList Exploitation: remote Date: 10 Mar...

ASG-Sentry CGI Default Credentials

The remote ASG-Sentry CGI script is configured to use default credentials to control administrative access. Knowing these, an attacker can gain administrative control of the affected application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

ASG-Sentry CGI Detection

The remote CGI script is part of ASG-Sentry, a web-based SNMP network management system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid34394; scriptversion"1.15";...

ASG-Sentry File Check Utility /snmx-cgi/fcheck.exe Arbitrary File Overwrite

The File Check Utility fcheck.exe included with the version of ASG-Sentry installed on the remote host fails to sanitize input before creating index files with filenames and checksums. An unauthenticated remote attacker can leverage this issue to overwrite existing files with either no data or a...

ASG-Sentry SNMP Agent Detection

The remote SNMP agent is part of ASG-Sentry, a web-based SNMP network management system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34396; scriptversion"1.13"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"ASG-Sentry SNMP Agent Detection";...

Design/Logic Flaw

The File Check Utility fcheck.exe in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service CPU consumption or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability...

CVE-2008-1320

Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service crash via 1 a long request to FxIAList on TCP port 6162, or 2 an SNMP request with a long community string to FxAgent on UDP port 6161...

Buffer overflow

Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service crash via 1 a long request to FxIAList on TCP port 6162, or 2 an SNMP request with a long community string to FxAgent on UDP port 6161...

CVE-2008-1322

The File Check Utility fcheck.exe in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service CPU consumption or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability...

CVE-2008-1321

The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication, which allows remote attackers to cause a denial of service service termination via the exit command to TCP port 6162, or have other impacts via other commands...

CVE-2008-1322

The CVE-2008-1322 issue affects ASG-Sentry Network Manager, specifically the File Check Utility (fcheck.exe) bundled with versions up to 7.0.0. The connected Nessus entry documents that fcheck.exe fails to sanitize input when creating index files, allowing an unauthenticated remote attacker to ov...

CVE-2008-1321

The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication, which allows remote attackers to cause a denial of service service termination via the exit command to TCP port 6162, or have other impacts via other commands...

CVE-2008-1321

The CVE describes a vulnerability in the FxIAList service of ASG-Sentry Network Manager 7.0.0 and earlier . The affected component is the FxIAList service ; the root cause is an authentication-involved condition that allows remote attackers to trigger a denial of service (service termination) by ...

CVE-2008-1320

Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service crash via 1 a long request to FxIAList on TCP port 6162, or 2 an SNMP request with a long community string to FxAgent on UDP port 6161...

CVE-2008-1320

ASG-Sentry Network Manager version 7.0.0 and earlier is affected by multiple buffer overflows in FxIAList (TCP 6162) and FxAgent SNMP with a long community string (UDP 6161). The underlying issue is buffer overflows, allowing remote attackers to execute arbitrary code or trigger a denial of servi...

CVE-2008-1322

The File Check Utility fcheck.exe in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service CPU consumption or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability...

ASG-Sentry multiple security vulnerabilities

Unauthorized files access, buffer overflows, DoS...

Multiple vulnerabilities in ASG-Sentry 7.0.0

Luigi Auriemma Application: ASG-Sentry http://www.asg-sentry.com Versions: = 7.0.0 Platforms: Windows and Unix Bugs: A arbitrary files deleting B heap-overflow in FxAgent C termination of FxIAList D buffer-overflow in FxIAList Exploitation: remote Date: 10 Mar 2008 Author: Luigi Auriemma e-mail:...

ASG-Sentry 7.0.0存在多个漏洞

BUGTRAQ ID: 28188 CNCAN ID:CNCAN-2008031104 ASG-Sentry是一款网关管理软件。 ASG-Sentry存在多个安全问题，远程攻击者可以利用漏洞进行拒绝服务和任意代码执行攻击。 - fcheck.exe CGI -b选项处理存在问题，可导致任意文件删除。 - FxAgent进程处理包含超长community字段的SNMP请求时存在堆溢出问题。 - FxIAList不正确验证"exit"命令，任何用户可执行此命令使服务退出。 - FxIAList拷贝数据到缓冲区时存在缓冲区溢出。 ASG-Sentry 7.0 目前没有解决方案提供：...

ASG-Sentry &lt;= 7.0.0 Multiple Remote Vulnerabilities

No description provided by source. Luigi Auriemma Application: ASG-Sentry http://www.asg-sentry.com Versions: = 7.0.0 Platforms: Windows and Unix Bugs: A arbitrary files deleting B heap-overflow in FxAgent C termination of FxIAList D buffer-overflow in FxIAList Exploitation: remote Date: 10 Mar...