| CVE ID | CVE-2008-5982 |
| CVSS SCORE | |
| AFFECTED VENDORS |
BMC Software |
| AFFECTED PRODUCTS |
Patrol |
| TREND MICRO CUSTOMER PROTECTION | Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['6129']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com |
| VULNERABILITY DETAILS |
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC PatrolAgent. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a format string handling error during log message writing. Supplying an invalid version number containing format string tokens to a vulnerable target on TCP port 3181 triggers an exploitable format string vulnerability which can result in arbitrary code execution. |
| ADDITIONAL DETAILS |
BMC has issued an update to correct this vulnerability. Customers should upgrade PATROL Agent to version 3.7.30 |
| DISCLOSURE TIMELINE |
|
| CREDIT | Anonymous |
