eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Remote Overflows

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is vulnerable to remote
buffer overflow attacks.

Description :

The version of eIQnetworks Enterprise Security Analyzer, Network
Security Analyzer, or one of its OEM versions installed on the remote
host is affected by multiple stack-based buffer overflows in its
Syslog Service. Using a long argument to any of several commands, an
unauthenticated, remote attacker may be able to leverage this issue to
execute arbitrary code on the affected host with LOCAL SYSTEM
privileges.

See also :

http://www.tippingpoint.com/security/advisories/TSRT-06-03.html
http://www.securityfocus.com/archive/1/441200/30/90/threaded

Solution :

Upgrade to Enterprise Security Analyzer 2.1.14 / Network Security
Analyzer 4.5.4 / OEM software 4.5.4 or later

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 22127 (esa_syslog_cmd_argument_overflows.nasl)

Bugtraq ID: 19165
19167

CVE ID: CVE-2006-3838

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now