eIQnetworks Enterprise Security Analyzer Monitoring.exe Multiple Command Overflow

Critical Nessus Plugin ID 22196


The remote host contains an application that is vulnerable to a remote buffer overflow attack.


The version of eIQnetworks Enterprise Security Analyzer, Network Security Analyzer, or one of its OEM versions installed on the remote host contains a buffer overflow in its Monitoring Agent service. Using a long argument to a command, an unauthenticated, remote attacker may be able to leverage this issue to execute arbitrary code on the affected host with LOCAL SYSTEM privileges.


Upgrade to Enterprise Security Analyzer 2.1.14 / Network Security Analyzer 4.5.4 / OEM software 4.5.4 or later.

See Also



Plugin Details

Severity: Critical

ID: 22196

File Name: esa_monitoring_cmd_arg_overflows.nasl

Version: $Revision: 1.18 $

Type: remote

Agent: windows

Family: Windows

Published: 2006/08/10

Modified: 2017/02/23

Dependencies: 22195

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/07/25

Exploitable With

Metasploit (eIQNetworks ESA Topology DELETEDEVICE Overflow)

Reference Information

CVE: CVE-2006-3838

BID: 19424

OSVDB: 27529

Secunia: 21211

CWE: 119