CVE-2008-1320
Published 2008-03-13
Priority P2 · 59 · critical · CVSS 2.0: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 16.31% (96.6th percentile)
Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asg | asg-sentry | <= 7.0.0 | — |
Detection & IOCs (extracted from sources)
- Detect oversized SNMP community strings (>64 bytes) sent to UDP/6161 targeting FxAgent — indicative of heap-overflow exploitation attempt.
- Detect long TCP requests (>500 bytes payload) to port 6162 targeting FxIAList — indicative of stack-based buffer-overflow exploitation attempt.
- Detect the 'exit' command sent unauthenticated to TCP/6162 (FxIAList) which will terminate the service.
- Monitor for HTTP requests to /snmx-cgi/fcheck.exe referencing UNC/network share paths (e.g., \host\) which Apache converts to double-backslash network share paths.
- FxIAList on TCP/6162 requires no authentication, meaning any remote host can send commands including 'exit' to terminate the service or exploit the buffer overflow without credentials.
- No vendor fix was available at time of disclosure; all versions up to and including 7.0.0 are affected.
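The first three items in the list above can be checked directly on packet payloads. The following is an added example, not taken from the advisory or any cited source: the ports and size thresholds come from the list, while the function names, the exact-match handling of 'exit', and the sample packet are assumptions made for illustration.

```python
# Added illustration: payload checks for the FxAgent / FxIAList indicators.
# Ports and thresholds are from the detection list; all names are hypothetical.
MAX_COMMUNITY = 64   # bytes, SNMP community string (UDP/6161)
MAX_FXIALIST = 500   # bytes, TCP payload (TCP/6162)

def _ber_header(buf, pos):
    """Return (tag, declared_length, value_offset) for the BER TLV at pos."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:                       # short-form length
        return tag, first, pos + 2
    n = first & 0x7F                       # long form: n length octets follow
    if n == 0 or n > 4:
        raise ValueError("unsupported BER length")
    return tag, int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), pos + 2 + n

def snmp_community_length(datagram):
    """Declared community length of an SNMPv1/v2c message, or None."""
    try:
        tag, _, pos = _ber_header(datagram, 0)            # outer SEQUENCE
        if tag != 0x30:
            return None
        tag, vlen, pos = _ber_header(datagram, pos)       # version INTEGER
        if tag != 0x02:
            return None
        tag, clen, _ = _ber_header(datagram, pos + vlen)  # community OCTET STRING
        return clen if tag == 0x04 else None
    except (IndexError, ValueError):
        return None                        # truncated or malformed datagram

def classify(proto, dport, payload):
    """Return the list of alerts raised by one packet payload."""
    alerts = []
    if proto == "udp" and dport == 6161:
        clen = snmp_community_length(payload)
        if clen is not None and clen > MAX_COMMUNITY:
            alerts.append(f"oversized SNMP community ({clen} bytes) to FxAgent")
    elif proto == "tcp" and dport == 6162:
        if len(payload) > MAX_FXIALIST:
            alerts.append(f"long FxIAList request ({len(payload)} bytes)")
        if payload.strip().lower() == b"exit":   # assumed framing: bare command
            alerts.append("unauthenticated 'exit' command to FxIAList")
    return alerts

if __name__ == "__main__":
    # Constructed sample: SNMP header declaring a 100-byte community, no PDU.
    sample = bytes([0x30, 0x69, 0x02, 0x01, 0x00, 0x04, 0x64]) + b"x" * 100
    print(classify("udp", 6161, sample))
```

The SNMP check keys on the length declared in the BER header, so a datagram that announces an oversized community is flagged even if it is truncated on the wire.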
CVSS provenance
nvd · v2.0 · 10.0 CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat · 7.2 HIGH
GHSA
GHSA-f857-3xrr-6w3c: Multiple buffer overflows in ASG-Sentry Network Manager 7
ghsa_unreviewed·2022-05-01
CVE-2008-1320 [HIGH] CWE-119 GHSA-f857-3xrr-6w3c: Multiple buffer overflows in ASG-Sentry Network Manager 7
Red Hat
kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320
vendor_redhat·2008-10-29·CVSS 7.2
CVE-2008-4539 [HIGH] kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.
No detection rules found.
Bugzilla
CVE-2008-4539 kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320
bugzilla·2008-10-14·CVSS 7.2
CVE-2008-4539 [HIGH] CVE-2008-4539 kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320
Created attachment 320281
Proposed actualized upstream qemu patch to resolve the Cirrus LGD-54XX "bitblt" heap overflow (CVE-2007-1320)
Jan Niehusmann discovered that the upstream fix for the CVE-2007-1320 is
incomplete and still allows local users to cause a heap-based buffer overflow,
when connecting via the VNC console.
Steps to reproduce:
No reproducer.
Upstream qemu patch for the initial CVE-2007-1320 issue:
https://svn.pardus.org.tr/pardus/2007/applications/emulators/qemu/files/CVE-2007-1320.patch
Proposed upstream correction of this patch - see attachment.
Discussion:
QEMU upstream commit:
http://git.kernel.dk/?p=qemu.git;a=commitdiff;h=65d35a09979e63541afc5bfc595b9f1b1b4ae069
More on current status of thi
Bugzilla
CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 8]
bugzilla·2008-05-27·CVSS 7.2
CVE-2007-1320 [HIGH] CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 8]
kvm-60-6.fc8 has been submitted as an update for Fedora 8
Discussion:
*** This bug has been marked as a duplicate of 237342 ***
---
kvm-60-6.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
---
It appears this beast is still alive.
CVE-2008-4539 is its new name.
---
kvm-60-7.fc8 has been submitted as an update for Fedora 8.
http://admin.fedoraproject.org/updates/kvm-60-7.fc8
---
kvm-60-7.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
Bugzilla
CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 9]
bugzilla·2008-05-27·CVSS 7.2
CVE-2007-1320 [HIGH] CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 9]
kvm-65-7.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
Discussion:
It appears this beast is still alive.
CVE-2008-4539 is its new name.
---
kvm-65-11.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/kvm-65-11.fc9
---
kvm-65-11.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update kvm'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-9571
---
kvm-65-13.fc9 has been subm
- http://aluigi.altervista.org/adv/asgulo-adv.txt
- http://secunia.com/advisories/29289
- http://securityreason.com/securityalert/3737
- http://www.securityfocus.com/archive/1/489359/100/0/threaded
- http://www.securityfocus.com/bid/28188
- http://www.vupen.com/english/advisories/2008/0839/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41086
- https://www.exploit-db.com/exploits/5229