3 results (0.002 seconds)

CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 2

Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161. Múltiples desbordamientos de búfer en ASG-Sentry Network Manager versión 7.0.0 y anteriores permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (fallo) mediante (1) una petición especialmente larga a FxIAList en el puerto 6162 TCP o (2) una petición SNMP con una cadena de comunidad especialmente larga a FxAgent en el puerto 6161 UDP. • https://www.exploit-db.com/exploits/5229 http://aluigi.altervista.org/adv/asgulo-adv.txt http://secunia.com/advisories/29289 http://securityreason.com/securityalert/3737 http://www.securityfocus.com/archive/1/489359/100/0/threaded http://www.securityfocus.com/bid/28188 http://www.vupen.com/english/advisories/2008/0839/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41082 https://exchange.xforce.ibmcloud.com/vulnerabilities/41086 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 4

The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication, which allows remote attackers to cause a denial of service (service termination) via the exit command to TCP port 6162, or have other impacts via other commands. El servicio FxIAList de ASG-Sentry Network Manager versión 7.0.0 y anteriores implementa mecanismo de autenticación que permite a atacantes remotos provocar una denegación de servicio (finalización del servicio) mediante la utilización del comando exit en el puerto 6162 TCP y tiene otras consecuencias al utilizar otros comandos. • https://www.exploit-db.com/exploits/5229 http://aluigi.altervista.org/adv/asgulo-adv.txt http://secunia.com/advisories/29289 http://securityreason.com/securityalert/3737 http://www.securityfocus.com/archive/1/489359/100/0/threaded http://www.securityfocus.com/bid/28188 http://www.vupen.com/english/advisories/2008/0839/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41084 • CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 4

The File Check Utility (fcheck.exe) in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service (CPU consumption) or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability. La utilidad de evaluación de ficheros (fcheck.exe) en ASG-Sentry Network Manager versión 7.0.0 y anteriores permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) o sobreescribir ficheros de su elección mediante una cadena de consulta que especifique la opción -b, probablemente debido a una vulnerabilidad de inyección de argumento. • https://www.exploit-db.com/exploits/5229 http://aluigi.altervista.org/adv/asgulo-adv.txt http://secunia.com/advisories/29289 http://securityreason.com/securityalert/3737 http://www.securityfocus.com/archive/1/489359/100/0/threaded http://www.securityfocus.com/bid/28188 http://www.vupen.com/english/advisories/2008/0839/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41080 •