cbcvebase.
CVE-2008-1320
published 2008-03-13

CVE-2008-1320: Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash)…

PriorityP259critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
16.31%
96.6th percentile
Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161.

Affected

1 ranges
VendorProductVersion rangeFixed in
asgasg-sentry<= 7.0.0

Detection & IOCsextracted from sources · hover to see the quote

  • Detect oversized SNMP community strings (>64 bytes) sent to UDP/6161 targeting FxAgent — indicative of heap-overflow exploitation attempt.
  • Detect long TCP requests (>500 bytes payload) to port 6162 targeting FxIAList — indicative of stack-based buffer-overflow exploitation attempt.
  • Detect the 'exit' command sent unauthenticated to TCP/6162 (FxIAList) which will terminate the service.
  • Monitor for HTTP requests to /snmx-cgi/fcheck.exe referencing UNC/network share paths (e.g., \host\) which Apache converts to double-backslash network share paths.
  • ·FxIAList on TCP/6162 requires no authentication, meaning any remote host can send commands including 'exit' to terminate the service or exploit the buffer overflow without credentials.
  • ·No vendor fix was available at time of disclosure; all versions up to and including 7.0.0 are affected.

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.