RSS   Vulnerabilities for 'Patrol'   RSS

2017-08-22
 
CVE-2017-13130

CWE-427
 

 
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.

 
2016-12-02
 
CVE-2016-9638

 

 
In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This allows local users to elevate their privileges to root.

 

 >>> Vendor: BMC 24 Products
Patrol agent
Software control-m agent
Remedy action request system
Performance manager
Patrol perform agent
Capacity management essentials
Performance analysis for servers
Performance analyzer for servers
Performance assurance for servers
Performance assurance for virtual servers
Performance predictor for servers
Identity management suite
Service desk express
Bmc track-it!
Bladelogic server automation console
Patrol
Server automation
Footprints service core
Track-it!
Remedy action request system server
Remedy mid-tier
Remedy smart reporting
Myit digital workplace
Remedy ar system server


Copyright 2024, cxsecurity.com

 

Back to Top