Vulnerability Description
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bmc | Patrol Perform Agent | All versions |
References
- http://secunia.com/advisories/24937
- http://securityreason.com/securityalert/2598
- http://www.securityfocus.com/archive/1/466222/100/0/threaded
- http://www.securityfocus.com/bid/23557
- http://www.securitytracker.com/id?1017934
- http://www.vupen.com/english/advisories/2007/1457
- http://www.zerodayinitiative.com/advisories/ZDI-07-019.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33745
- http://secunia.com/advisories/24937
- http://securityreason.com/securityalert/2598
- http://www.securityfocus.com/archive/1/466222/100/0/threaded
- http://www.securityfocus.com/bid/23557
- http://www.securitytracker.com/id?1017934
- http://www.vupen.com/english/advisories/2007/1457
- http://www.zerodayinitiative.com/advisories/ZDI-07-019.htmlVendor Advisory
FAQ
What is CVE-2007-2136?
CVE-2007-2136 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not...
How severe is CVE-2007-2136?
CVE-2007-2136 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2136?
Check the references section above for vendor advisories and patch information. Affected products include: Bmc Patrol Perform Agent.