BMC Performance Manager PatrolAgent.EXE Memory Corruption Vulnerability
BID:23559
Info
BMC Performance Manager PatrolAgent.EXE Memory Corruption Vulnerability
| Bugtraq ID: | 23559 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-1972 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 18 2007 12:00AM |
| Updated: | Mar 19 2015 09:19AM |
| Credit: | The reporter of this issue wishes to remain anonymous |
| Vulnerable: |
BMC Software Performance Manager 0 |
| Not Vulnerable: | |
Discussion
BMC Performance Manager PatrolAgent.EXE Memory Corruption Vulnerability
BMC Performance Manager is prone to a memory-corruption vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
BMC Performance Manager is prone to a memory-corruption vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
Exploit / POC
BMC Performance Manager PatrolAgent.EXE Memory Corruption Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
BMC Performance Manager PatrolAgent.EXE Memory Corruption Vulnerability
Solution:
The vendor released an update to address this issue. Please contact the vendor for information on how to obtain and apply this update.
Solution:
The vendor released an update to address this issue. Please contact the vendor for information on how to obtain and apply this update.
References
BMC Performance Manager PatrolAgent.EXE Memory Corruption Vulnerability
References:
References:
- Vendor Homepage (BMC Software)
- ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability (Zero Day Initiative)