Lucene search

MitreCVE-2007-2136

HistoryApr 22, 2007 - 7:19 p.m.

CVE-2007-2136

2007-04-2219:19:00

mitre

web.nvd.nist.gov

cve-2007-2136

bgs_sdservice.exe

buffer overflow

bmc patrol performagent

remote code execution

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.281

Percentile

96.9%

JSON

Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.

Affected configurations

Nvd

Node

bmcpatrol_perform_agent

VendorProductVersionCPE
bmcpatrol_perform_agent*cpe:2.3:a:bmc:patrol_perform_agent:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bmc	patrol_perform_agent	*	cpe:2.3:a:bmc:patrol_perform_agent::::::::

References

secunia.com/advisories/24937

securityreason.com/securityalert/2598

www.securityfocus.com/archive/1/466222/100/0/threaded

www.securityfocus.com/bid/23557

www.securitytracker.com/id?1017934

www.vupen.com/english/advisories/2007/1457

www.zerodayinitiative.com/advisories/ZDI-07-019.html

exchange.xforce.ibmcloud.com/vulnerabilities/33745

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.281

Percentile

96.9%

JSON

Related for CVE-2007-2136