8 matches found
Authentication flaw
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...
CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...
CVE-2007-1972
CVE-2007-1972 affects BMC Performance Manager; PatrolAgent.exe on TCP port 3181 allows remote modification of configuration files without authentication by altering SNMP parameters (e.g., masterAgentName, masterAgentStartLine), purportedly enabling arbitrary code execution. The ZDI advisory detai...
CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...
BMC Performance Manager PatrolAgent.EXE内存破坏漏洞
BMC Performance Manager是一款端到端系统管理解决方案。 BMC Performance Manager存在设计错误,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 PatrolAgent.exe监听TCP 3181端口,服务允许远程攻击者修改配置文件而不需要任何验证。攻击者修改在SNMP公共定义中的参数,如masterAgentName和masterAgentStartLine可导致任意代码执行。 BMC Software Performance Manager 目前没有解决方案提供: http://www.bmc.com/...
BMC Performance Manager unauthorized access
PatrolAgent.exe TCP/3181 allows SNMP community definition modification...
ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability
ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-020.html April 18, 2007 -- CVE ID: CVE-2007-1972 -- Affected Vendor: BMC -- Affected Products: Performance Manager -- TippingPointTM IPS Customer Protection: TippingPoint IP...
BMC Performance Manager SNMP Command Execution Vulnerability
These vulnerabilities allows attackers to execute arbitrary code on vulnerable installations of BMC Performance Manager. User interaction is not required to exploit this vulnerability. The specific flaw exists in the PatrolAgent.exe listening on TCP port 3181. The service allows remote attackers ...