CVE-2008-1320

ASG-Sentry Network Manager <7.0.0 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1320. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The document provides a detailed technical analysis of multiple vulnerabilities in ASG-Sentry, including arbitrary file deletion, heap overflow in FxAgent, service termination, and buffer overflow in FxIAList. It includes proof-of-concept commands and references to external exploit files.

Description

Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdosmultiple

https://www.exploit-db.com/exploits/5229

View Code ZIP pw:eip

The document provides a detailed technical analysis of multiple vulnerabilities in ASG-Sentry, including arbitrary file deletion, heap overflow in FxAgent, service termination, and buffer overflow in FxIAList. It includes proof-of-concept commands and references to external exploit files.

Classification

Writeup 95%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: ASG-Sentry <= 7.0.0

No auth needed

Prerequisites: Network access to the target server · ASG-Sentry service running on default ports

MITRE ATT&CK