eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Remote Overflows

Critical Nessus Plugin ID 22127


The remote host contains an application that is vulnerable to remote buffer overflow attacks.


The version of eIQnetworks Enterprise Security Analyzer, Network Security Analyzer, or one of its OEM versions installed on the remote host is affected by multiple stack-based buffer overflows in its Syslog Service. Using a long argument to any of several commands, an unauthenticated, remote attacker may be able to leverage this issue to execute arbitrary code on the affected host with LOCAL SYSTEM privileges.


Upgrade to Enterprise Security Analyzer 2.1.14 / Network Security Analyzer 4.5.4 / OEM software 4.5.4 or later

See Also



Plugin Details

Severity: Critical

ID: 22127

File Name: esa_syslog_cmd_argument_overflows.nasl

Version: $Revision: 1.19 $

Type: remote

Agent: windows

Family: Windows

Published: 2006/08/02

Modified: 2017/02/23

Dependencies: 22126

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/07/25

Exploitable With

Metasploit (eIQNetworks ESA Topology DELETEDEVICE Overflow)

Reference Information

CVE: CVE-2006-3838

BID: 19165, 19167

OSVDB: 27525, 27527

Secunia: 21211

CWE: 119