Vulnerability Details CVE-2007-2136
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.072
EPSS Ranking 91.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/24937
- http://securityreason.com/securityalert/2598
- http://www.securityfocus.com/archive/1/466222/100/0/threaded
- http://www.securityfocus.com/bid/23557
- http://www.securitytracker.com/id?1017934
- http://www.vupen.com/english/advisories/2007/1457
- http://www.zerodayinitiative.com/advisories/ZDI-07-019.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33745
- http://secunia.com/advisories/24937
- http://securityreason.com/securityalert/2598
- http://www.securityfocus.com/archive/1/466222/100/0/threaded
- http://www.securityfocus.com/bid/23557
- http://www.securitytracker.com/id?1017934
- http://www.vupen.com/english/advisories/2007/1457
- http://www.zerodayinitiative.com/advisories/ZDI-07-019.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33745
Products affected by CVE-2007-2136
-
cpe:2.3:a:bmc:patrol_perform_agent:-