eIQnetworks Enterprise Security Analyzer EnterpriseSecurityAnalyzer.exe LICMGR_ADDLICENSE Command Remote Overflow
Critical Nessus Plugin ID 22129
SynopsisThe remote host contains an application that is vulnerable to a remote buffer overflow attack.
DescriptionThe version of eIQnetworks Enterprise Security Analyzer, Network Security Analyzer, or one of its OEM versions installed on the remote host contains a buffer overflow in its License Manager service. Using a long argument to the 'LICMGR_ADDLICENSE' command, an unauthenticated remote attacker may be able to leverage this issue to execute arbitrary code on the affected host with LOCAL SYSTEM privileges.
SolutionUpgrade to Enterprise Security Analyzer 2.1.14 / Network Security Analyzer 4.5.4 / OEM software 4.5.4 or later