Vulnerability Description
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bmc | Patrol Agent | <= 3.7 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33049Vendor Advisory
- http://www.securityfocus.com/archive/1/499013/100/0/threaded
- http://www.securityfocus.com/bid/32692
- http://www.securitytracker.com/id?1021361
- http://www.vupen.com/english/advisories/2008/3379
- http://www.zerodayinitiative.com/advisories/ZDI-08-082/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47175
- http://secunia.com/advisories/33049Vendor Advisory
- http://www.securityfocus.com/archive/1/499013/100/0/threaded
- http://www.securityfocus.com/bid/32692
- http://www.securitytracker.com/id?1021361
- http://www.vupen.com/english/advisories/2008/3379
- http://www.zerodayinitiative.com/advisories/ZDI-08-082/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47175
FAQ
What is CVE-2008-5982?
CVE-2008-5982 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are no...
How severe is CVE-2008-5982?
CVE-2008-5982 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5982?
Check the references section above for vendor advisories and patch information. Affected products include: Bmc Patrol Agent.