CVE-2012-2606

Bradford Network Sentry <5.3.3 - Info Disclosure

Title source: llm

Description

The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack.

References (3)

[US Government Resource] http://www.kb.cert.org/vuls/id/709939

[Various Sources] https://na3.salesforce.com/sfc/#version?id=06850000000JDx3

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/MAPG-8TJKAF

Scores

EPSS 0.0580

EPSS Percentile 90.4%

Classification

CWE

CWE-287

Status draft

Affected Products (3)

bradfordnetworks/network_sentry_appliance_software < 5.3

bradfordnetworks/network_sentry_appliance

Timeline

Published Jun 13, 2012

Tracked Since Feb 18, 2026