CVE-2006-3838

critical

Description

Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDEVICE, (9) COMPRESSRAWLOGFILE, (10) GETSYSLOGFIREWALLS, (11) ADDPOLICY, and (12) EDITPOLICY commands to the Syslog daemon (syslogserver.exe); (13) GUIADDDEVICE, (14) ADDDEVICE, and (15) DELETEDEVICE commands to the Topology server (Topology.exe); the (15) LICMGR_ADDLICENSE command to the License Manager (EnterpriseSecurityAnalyzer.exe); the (16) TRACE and (17) QUERYMONITOR commands to the Monitoring agent (Monitoring.exe); and possibly other vectors related to the Syslog daemon (syslogserver.exe).

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/27954

https://exchange.xforce.ibmcloud.com/vulnerabilities/27953

https://exchange.xforce.ibmcloud.com/vulnerabilities/27952

https://exchange.xforce.ibmcloud.com/vulnerabilities/27951

https://exchange.xforce.ibmcloud.com/vulnerabilities/27950

http://www.zerodayinitiative.com/advisories/ZDI-06-024.html

http://www.zerodayinitiative.com/advisories/ZDI-06-023.html

http://www.vupen.com/english/advisories/2006/3010

http://www.vupen.com/english/advisories/2006/3009

http://www.vupen.com/english/advisories/2006/3008

http://www.vupen.com/english/advisories/2006/3007

http://www.vupen.com/english/advisories/2006/3006

http://www.vupen.com/english/advisories/2006/2985

http://www.tippingpoint.com/security/advisories/TSRT-06-07.html

http://www.tippingpoint.com/security/advisories/TSRT-06-04.html

http://www.tippingpoint.com/security/advisories/TSRT-06-03.html

http://www.securityfocus.com/bid/19167

http://www.securityfocus.com/bid/19165

http://www.securityfocus.com/bid/19164

http://www.securityfocus.com/bid/19163

http://www.securityfocus.com/archive/1/441200/100/0/threaded

http://www.securityfocus.com/archive/1/441198/100/0/threaded

http://www.securityfocus.com/archive/1/441197/100/0/threaded

http://www.securityfocus.com/archive/1/441195/100/0/threaded

http://www.osvdb.org/27528

http://www.osvdb.org/27527

http://www.osvdb.org/27526

http://www.osvdb.org/27525

http://www.kb.cert.org/vuls/id/513068

http://www.eiqnetworks.com/products/enterprisesecurity/EnterpriseSecurityAnalyzer/ESA_2.5.0_Release_Notes.pdf

http://securitytracker.com/id?1016580

http://secunia.com/advisories/21218

http://secunia.com/advisories/21217

http://secunia.com/advisories/21215

http://secunia.com/advisories/21214

http://secunia.com/advisories/21213

http://secunia.com/advisories/21211

http://archive.cert.uni-stuttgart.de/bugtraq/2006/08/msg00152.html

Details

Source: Mitre, NVD

Published: 2006-07-27

Updated: 2018-10-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical