Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain root remotely --> Category: denial

eIQnetworks Enterprise Security Analyzer Monitoring Agent Command Argument Buffer Overflow Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Tries to crash ESA monitoring agent with a long argument to QUERYMONITOR

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote host contains an application that is vulnerable to a remote
buffer overflow attack.

Description :

The version of eIQnetworks Enterprise Security Analyzer, Network
Security Analyzer, or one of its OEM versions installed on the remote
host contains a buffer overflow in its Monitoring Agent service.
Using a long argument to a command, an unauthenticated remote attacker
may be able to leverage this issue to execute arbitrary code on the
affected host with LOCAL SYSTEM rights.

See also :

http://www.tippingpoint.com/security/advisories/TSRT-06-07.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048585.html
http://www.eiqnetworks.com/support/Security_Advisory.pdf

Solution :

Upgrade to Enterprise Security Analyzer 2.1.14 / Network Security
Analyzer 4.5.4 / OEM software 4.5.4 or later.

Threat Level:

Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.