Lucene search

K
zdiAnonymousZDI-07-019
HistoryApr 18, 2007 - 12:00 a.m.

BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability

2007-04-1800:00:00
Anonymous
www.zerodayinitiative.com
19
bmc patrol
performagent
memory corruption
vulnerability
remote attackers
arbitrary code
improper parsing
xdr data
bgs_sdservice.exe
tcp port 10128
memory copy operation
stack corruption
seh pointers

EPSS

0.281

Percentile

96.9%

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC Patrol. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper parsing of XDR data sent to the bgs_sdservice.exe process listening by default on TCP port 10128. An attacker can influence a parameter to a memory copy operation and cause corruption of the stack and including SEH pointers. This can be leveraged to execute arbitrary code.

EPSS

0.281

Percentile

96.9%