eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Remote Overflows
Critical Nessus Plugin ID 22127
Synopsis: The remote host contains an application that is vulnerable to remote buffer overflow attacks.
Description: The version of eIQnetworks Enterprise Security Analyzer, Network Security Analyzer, or one of its OEM versions installed on the remote host is affected by multiple stack-based buffer overflows in its Syslog Service. Using a long argument to any of several commands, an unauthenticated, remote attacker may be able to leverage this issue to execute arbitrary code on the affected host with LOCAL SYSTEM privileges.
Solution: Upgrade to Enterprise Security Analyzer 2.1.14 / Network Security Analyzer 4.5.4 / OEM software 4.5.4 or later.