CVE-2008-1321

ASG-Sentry Network Manager <7.0.0 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1321. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The document provides a detailed technical analysis of multiple vulnerabilities in ASG-Sentry, including arbitrary file deletion, heap overflow in FxAgent, service termination, and buffer overflow in FxIAList. It includes proof-of-concept commands and references to external exploit files.

Description

The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication, which allows remote attackers to cause a denial of service (service termination) via the exit command to TCP port 6162, or have other impacts via other commands.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdosmultiple

https://www.exploit-db.com/exploits/5229

View Code ZIP pw:eip

The document provides a detailed technical analysis of multiple vulnerabilities in ASG-Sentry, including arbitrary file deletion, heap overflow in FxAgent, service termination, and buffer overflow in FxIAList. It includes proof-of-concept commands and references to external exploit files.

Classification

Writeup 95%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: ASG-Sentry <= 7.0.0

No auth needed

Prerequisites: Network access to the target server · ASG-Sentry service running on default ports

MITRE ATT&CK