CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 2CVE-2012-2959 – BMC Identity Management - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2012-2959
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords. Una vulnerabilidad de falsificación peticiones cruzadas (CSRF) en password-manager/changePasswords.do en BMC Identity Management Suite v7.5.00.103 permite a atacantes remotos secuestrar la autenticación de los administradores de las solicitudes de cambio de contraseñas. • https://www.exploit-db.com/exploits/37372 http://www.kb.cert.org/vuls/id/221180 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 21%CPEs: 26EXPL: 0CVE-2011-0975
https://notcve.org/view.php?id=CVE-2011-0975
Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 through 7.5.10; Performance Analyzer and Performance Predictor for Servers 7.4.00 through 7.5.10; and Capacity Management Essentials 1.2.00 (7.4.15) allows remote attackers to execute arbitrary code via a crafted length value in a BGS_MULTIPLE_READS command to TCP port 6768. Desbordamiento de búfer basado en pila en BMC PATROL Agent Service Daemon para Servers, Performance Assurance para Servers, Performance Assurance para Virtual Servers desde v7.4.00 hasta v7.5.10; Performance Analyzer y Performance Predictor para Servers desde v7.4.00 hasta v7.5.10; y Capacity Management Essentials v1.2.00 (v7.4.15) permite a atacantes remotos ejecutar código arbitrario manipulando la longitud de un valor en un comando BGS_MULTIPLE_READS para el puerto 6768 TCP. • http://osvdb.org/70788 http://secunia.com/advisories/43177 http://securityreason.com/securityalert/8076 http://www.securityfocus.com/archive/1/516188/100/0/threaded http://www.securityfocus.com/bid/46151 http://www.vupen.com/english/advisories/2011/0286 http://www.zerodayinitiative.com/advisories/ZDI-11-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/65135 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 30%CPEs: 14EXPL: 0CVE-2008-5982 – BMC PatrolAgent Version Logging Format String Vulnerability
https://notcve.org/view.php?id=CVE-2008-5982
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message. Vulnerabilidad en el formato de la cadena de caracteres en BMC PATROL Agent en versiones anteriores a 3.7.30 que permite a los atacantes remotos, ejecutar arbitrariamente código a través especificadores en el formato de la cadena caracteres en un número inválido de versión para TCP puerto 3181, el cual no es propiamente manejado cuando se escribe un mensaje de log. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC PatrolAgent. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a format string handling error during log message writing. Supplying an invalid version number containing format string tokens to a vulnerable target on TCP port 3181 triggers an exploitable format string vulnerability which can result in arbitrary code execution. • http://secunia.com/advisories/33049 http://www.securityfocus.com/archive/1/499013/100/0/threaded http://www.securityfocus.com/bid/32692 http://www.securitytracker.com/id?1021361 http://www.vupen.com/english/advisories/2008/3379 http://www.zerodayinitiative.com/advisories/ZDI-08-082 https://exchange.xforce.ibmcloud.com/vulnerabilities/47175 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 14%CPEs: 1EXPL: 0CVE-2007-1972 – BMC Performance Manager SNMP Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the vendor disputes this vulnerability, stating that it does not exist when the system is properly configured ** IMPUGNADO ** PatrolAgent.exe en BMC Performance Manager no requiere validación para respuestas de modificación de archivos, lo cual permite a atacantes remotos ejecutar código de su elección a través de respuestas sobre TCP puerto 3181 para la modificación de los parámetros masterAgentName ymasterAgentStartLine SNMP. NOTA: el vendedor impugna esta vulnerabilidad, basándose en que esta no existe cuando el sistema está configurado adecuadamente. These vulnerabilities allows attackers to execute arbitrary code on vulnerable installations of BMC Performance Manager. User interaction is not required to exploit this vulnerability. The specific flaw exists in the PatrolAgent.exe listening on TCP port 3181. • http://securityreason.com/securityalert/2599 http://www.securityfocus.com/archive/1/466223/100/0/threaded http://www.securityfocus.com/archive/1/466274/100/0/threaded http://www.securityfocus.com/bid/23559 http://www.securitytracker.com/id?1017935 http://www.vupen.com/english/advisories/2007/1458 http://www.zerodayinitiative.com/advisories/ZDI-07-020.html •
CVSS: 7.5EPSS: 28%CPEs: 1EXPL: 0CVE-2007-2136 – BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2007-2136
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed. Desbordamiento de búfer basado en pila en bgs_sdservice.exe en BMC Patrol PerformAgent permite a atacantes remotos ejecutar código de su elección a través de una conexión en el puerto TCP 10128 y enviando ciertos datos XDR, el cual no es validado adecuadamente This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC Patrol. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper parsing of XDR data sent to the bgs_sdservice.exe process listening by default on TCP port 10128. An attacker can influence a parameter to a memory copy operation and cause corruption of the stack and including SEH pointers. This can be leveraged to execute arbitrary code. • http://secunia.com/advisories/24937 http://securityreason.com/securityalert/2598 http://www.securityfocus.com/archive/1/466222/100/0/threaded http://www.securityfocus.com/bid/23557 http://www.securitytracker.com/id?1017934 http://www.vupen.com/english/advisories/2007/1457 http://www.zerodayinitiative.com/advisories/ZDI-07-019.html https://exchange.xforce.ibmcloud.com/vulnerabilities/33745 •