 |
|
|
Family: Gain root remotely --> Category: mixed
eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Tries to crash ESA Syslog Server with a long argument to DELETERDEPDEVICE command
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote host contains an application that is vulnerable to remote
buffer overflow attacks.
Description :
The version of eIQnetworks Enterprise Security Analyzer, Network
Security Analyzer, or one of its OEM versions installed on the remote
host is affected by multiple stack-based buffer overflows in its
Syslog Service. Using a long argument to any of several commands, an
unauthenticated remote attacker may be able to leverage this issue to
execute arbitrary code on the affected host with LOCAL SYSTEM
rights.
See also :
http://www.tippingpoint.com/security/advisories/TSRT-06-03.html
http://www.securityfocus.com/archive/1/441200/30/90/threaded
http://www.eiqnetworks.com/support/Security_Advisory.pdf
Solution :
Upgrade to Enterprise Security Analyzer 2.1.14 / Network Security
Analyzer 4.5.4 / OEM software 4.5.4 or later
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
|
|
|
|
