CVE-2008-5982

Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
bmcpatrol_agent
𝑥
≤ 3.7
bmcpatrol_agent
3.2
bmcpatrol_agent
3.2.3
bmcpatrol_agent
3.2.5
bmcpatrol_agent
3.2.7
bmcpatrol_agent
3.3.00
bmcpatrol_agent
3.3.00
bmcpatrol_agent
3.3.00
bmcpatrol_agent
3.4.00
bmcpatrol_agent
3.4.00
bmcpatrol_agent
3.4.00
bmcpatrol_agent
3.4.11
bmcpatrol_agent
3.4.11
bmcpatrol_agent
3.4.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/33049
http://www.securityfocus.com/archive/1/499013/100/0/threaded
http://www.securityfocus.com/bid/32692
http://www.securitytracker.com/id?1021361
http://www.vupen.com/english/advisories/2008/3379
http://www.zerodayinitiative.com/advisories/ZDI-08-082/
https://exchange.xforce.ibmcloud.com/vulnerabilities/47175
http://secunia.com/advisories/33049
http://www.securityfocus.com/archive/1/499013/100/0/threaded
http://www.securityfocus.com/bid/32692
http://www.securitytracker.com/id?1021361
http://www.vupen.com/english/advisories/2008/3379
http://www.zerodayinitiative.com/advisories/ZDI-08-082/
https://exchange.xforce.ibmcloud.com/vulnerabilities/47175