10 matches found
Format string
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message...
CVE-2008-5982
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message...
ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability
ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-082 December 8, 2008 -- Affected Vendors: BMC Software -- Affected Products: BMC Software Patrol -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have be...
BMC PatrolAgent Version Logging Format String Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC PatrolAgent. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a format string handling error during log message writing. Supplying an invalid version numbe...
Authentication flaw
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...
CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...
CVE-2007-1972
CVE-2007-1972 affects BMC Performance Manager; PatrolAgent.exe on TCP port 3181 allows remote modification of configuration files without authentication by altering SNMP parameters (e.g., masterAgentName, masterAgentStartLine), purportedly enabling arbitrary code execution. The ZDI advisory detai...
CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...
PT-2007-3317 · Bmc · Bmc Performance Manager
Name of the Vulnerable Software and Affected Versions: BMC Performance Manager affected versions not specified Description: The issue concerns a lack of authentication requirement for requests to modify configuration files. This could potentially allow remote attackers to execute arbitrary code b...
BMC Performance Manager SNMP Command Execution Vulnerability
These vulnerabilities allows attackers to execute arbitrary code on vulnerable installations of BMC Performance Manager. User interaction is not required to exploit this vulnerability. The specific flaw exists in the PatrolAgent.exe listening on TCP port 3181. The service allows remote attackers ...