Computer Security
[EN] securityvulns.ru no-pyccku


BMC Performance Manager unauthorized access
Published:20.04.2007
Source:
SecurityVulns ID:7620
Type:remote
Threat Level:
5/10
Description:PatrolAgent.exe TCP/3181 allows SNMP community definition modification.
CVE:CVE-2007-1972 (** DISPUTED ** PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the vendor disputes this vulnerability, stating that it does not exist when the system is properly configured.)
Original documentdocumentZDI, ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability (20.04.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod