Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-07-019
HistoryApr 18, 2007 - 12:00 a.m.

BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability

2007-04-1800:00:00
Anonymous
www.zerodayinitiative.com
15

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.281 Low

EPSS

Percentile

96.8%

JSON

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC Patrol. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper parsing of XDR data sent to the bgs_sdservice.exe process listening by default on TCP port 10128. An attacker can influence a parameter to a memory copy operation and cause corruption of the stack and including SEH pointers. This can be leveraged to execute arbitrary code.

Related

prion 1
cve 1
securityvulns 2
prion
prion
Stack overflow
2007-04-22 19:19:00
cve
cve
CVE-2007-2136
2007-04-22 19:19:00
securityvulns
securityvulns
ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability
2007-04-20 00:00:00
BMC Patrol PerformAgent memory corruption
2007-04-20 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.281 Low

EPSS

Percentile

96.8%

JSON
Related for ZDI-07-019
prion1cve1securityvulns2