CVE-2007-2136 – BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2007-2136

Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed. Desbordamiento de búfer basado en pila en bgs_sdservice.exe en BMC Patrol PerformAgent permite a atacantes remotos ejecutar código de su elección a través de una conexión en el puerto TCP 10128 y enviando ciertos datos XDR, el cual no es validado adecuadamente This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC Patrol. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper parsing of XDR data sent to the bgs_sdservice.exe process listening by default on TCP port 10128. An attacker can influence a parameter to a memory copy operation and cause corruption of the stack and including SEH pointers. This can be leveraged to execute arbitrary code. • http://secunia.com/advisories/24937 http://securityreason.com/securityalert/2598 http://www.securityfocus.com/archive/1/466222/100/0/threaded http://www.securityfocus.com/bid/23557 http://www.securitytracker.com/id?1017934 http://www.vupen.com/english/advisories/2007/1457 http://www.zerodayinitiative.com/advisories/ZDI-07-019.html https://exchange.xforce.ibmcloud.com/vulnerabilities/33745 •