Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 10.0
CVE Id: CVE-2011-0975
Last Modified: 21 Sep 2011 11:29:11
Published: 10 Feb 2011 01:00:59
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2011-0975

Summary

Stack-based buffer overflow in BMC PATROL Agent Service Daemon in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 through 7.5.10; Performance Analyzer and Performance Predictor for Servers 7.4.00 through 7.5.10; and Capacity Management Essentials 1.2.00 (7.4.15) allows remote attackers to execute arbitrary code via a crafted length value in a BGS_MULTIPLE_READS command to TCP port 6768.

Vulnerable Systems

Application

  • BMC Capacity Management Essentials 1.2.00

  • BMC Performance Analysis for Servers 7.4.00

  • BMC Performance Analysis for Servers 7.4.10

  • BMC Performance Analysis for Servers 7.4.15

  • BMC Performance Analysis for Servers 7.5.00

  • BMC Performance Analysis for Servers 7.5.10

  • BMC Performance Analyzer for Servers 7.4.00

  • BMC Performance Analyzer for Servers 7.4.10

  • BMC Performance Analyzer for Servers 7.4.15

  • BMC Performance Analyzer for Servers 7.5.00

  • BMC Performance Analyzer for Servers 7.5.10

  • BMC Performance Assurance for Servers 7.4.00

  • BMC Performance Assurance for Servers 7.4.10

  • BMC Performance Assurance for Servers 7.4.15

  • BMC Performance Assurance for Servers 7.5.00

  • BMC Performance Assurance for Servers 7.5.10

  • BMC Performance Assurance for Virtual Servers 7.4.00

  • BMC Performance Assurance for Virtual Servers 7.4.10

  • BMC Performance Assurance for Virtual Servers 7.4.15

  • BMC Performance Assurance for Virtual Servers 7.5.00

  • BMC Performance Assurance for Virtual Servers 7.5.10

  • BMC Performance Predictor for Servers 7.4.00

  • BMC Performance Predictor for Servers 7.4.10

  • BMC Performance Predictor for Servers 7.4.15

  • BMC Performance Predictor for Servers 7.5.00

  • BMC Performance Predictor for Servers 7.5.10


References

XF - bmc-patrolagent-bo(65135)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-039

VUPEN - ADV-2011-0286

BID - 46151

BUGTRAQ - 20110203 ZDI-11-039: BMC PATROL Agent Service Daemon BGS_MULTIPLE_READS Remote Code Execution Vulnerability

SREASON - 8076

SECUNIA - 43177

OSVDB - 70788


Last Updated: 27 May 2016 10:56:07