HIGH🇬🇧 English

CVE-2008-5982

CVSS 10.0v2.0pub. 2009-01-27upd. 2026-04-23

Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Bmc Patrol Agent

    APP
    Bmc
    3.23.2.33.2.53.2.73.3.003.4.003.4.11≤ 3.7
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2023-34257CRITICAL9.8ten sam produkt

An issue was discovered in BMC Patrol through 23.1.00. The agent's configuration can be remotely modified (and...

CVE-2019-8352CRITICAL9.8ten sam produkt

By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user crede...

CVE-2020-35593HIGH7.8ten sam produkt

BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -ho...

CVE-2019-17043HIGH7.8ten sam produkt

An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID b...

CVE-2019-17044HIGH7.8ten sam produkt

An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary...