exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2006-3838

Status Candidate

Overview

Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDEVICE, (9) COMPRESSRAWLOGFILE, (10) GETSYSLOGFIREWALLS, (11) ADDPOLICY, and (12) EDITPOLICY commands to the Syslog daemon (syslogserver.exe); (13) GUIADDDEVICE, (14) ADDDEVICE, and (15) DELETEDEVICE commands to the Topology server (Topology.exe); the (15) LICMGR_ADDLICENSE command to the License Manager (EnterpriseSecurityAnalyzer.exe); the (16) TRACE and (17) QUERYMONITOR commands to the Monitoring agent (Monitoring.exe); and possibly other vectors related to the Syslog daemon (syslogserver.exe).

Related Files

eIQNetworks ESA Topology DELETEDEVICE Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the DELETEDEVICE command in the Topology server, a stacked based buffer overflow occurs. This Metasploit module has only been tested against ESA v2.1.13.

tags | exploit, overflow
advisories | CVE-2006-3838
SHA-256 | 40c7d0b0ef0fe774728c6c830363e3909504fb26df945ca04dbed618dc111ba2
eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow
Posted Nov 26, 2009
Authored by ri0t, MC, kf | Site metasploit.com

This Metasploit module exploits a stack overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the LICMGR_ADDLICENSE command, a stack-based buffer overflow occurs. This Metasploit module has only been tested against ESA v2.1.13.

tags | exploit, overflow
advisories | CVE-2006-3838
SHA-256 | d27891217d71ec56e0dc1758d7a3b745fe6d0c68abc89ee617e45609ec8b18c3
TSRT-06-07.txt
Posted Aug 18, 2006
Authored by Pedram Amini | Site zerodayinitiative.com

The eIQnetworks Enterprise Security Analyzer suffers from multiple vulnerabilities that allow remote attackers the ability to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2006-3838
SHA-256 | 0c958ba0e58c280878e97816e04c3b684803e7205a47ff82e11b381192278831
eIQ-ESA.txt
Posted Jul 28, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Remote exploit for the Syslog server by eIQnetworks that has a vulnerability when processing long strings transmitted to its TCP port.

tags | exploit, remote, tcp
advisories | CVE-2006-3838
SHA-256 | 60bffcf1a26deeb9ebda5eb75a657c002ee82720c1ef7a36d68131a01a17d94d
eIQ-LM-3.txt
Posted Jul 28, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Remote exploit for the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer.

tags | exploit, remote, overflow
advisories | CVE-2006-3838
SHA-256 | 2fd385aaecbd319e45011cb0297961bc7072184913dd3828fc4dc4b0331f3984
TSRT-06-04.txt
Posted Jul 26, 2006
Site zerodayinitiative.com

A vulnerability exists in the IQnetworks Enterprise Security Analyzer. The specific flaw exists within Topology.exe, which binds by default to TCP port 10628. During the processing of long prefixes to the GUIADDDEVICE, ADDDEVICE, or DELETEDEVICE command, a stack based buffer overflow occurs.

tags | advisory, overflow, tcp
advisories | CVE-2006-3838
SHA-256 | 07715bdb168d079a02768f60b7e9cb7b8b0b077fa559ea98206c1f98d030d8c1
TSRT-06-03.txt
Posted Jul 26, 2006
Site zerodayinitiative.com

A vulnerability exists in the IQnetworks Enterprise Security Analyzer. The flaw specifically exists within the Syslog daemon, syslogserver.exe, during the processing of long arguments passed through various commands on TCP port 10617.

tags | advisory, tcp
advisories | CVE-2006-3838
SHA-256 | d8b970170559300470f77cd29528899de52f7ba78748847d398c43a0525f8b81
Zero Day Initiative Advisory 06-024
Posted Jul 26, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability exists in the IQnetworks Enterprise Security Analyzer. The specific flaw exists within EnterpriseSecurityAnalyzer.exe, which binds by default to TCP port 10616. During the processing of long arguments to the LICMGR_ADDLICENSE command a stack based buffer overflow occurs.

tags | advisory, overflow, tcp
advisories | CVE-2006-3838
SHA-256 | 62dba3a26852eedc18c6ce2aca71f4563fcba6abc5407d832c1d9a918fee9f91
Zero Day Initiative Advisory 06-023
Posted Jul 26, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability exists in the IQnetworks Enterprise Security Analyzer. The specific flaw exists within the Syslog daemon, syslogserver.exe, during the processing of long strings transmitted to the listening TCP port. The vulnerability is not exposed over UDP. The default configuration does not expose the open TCP port.

tags | advisory, udp, tcp
advisories | CVE-2006-3838
SHA-256 | a93fa646bd210b8b85b4516fdbb4826f6595d3ffb4b5d0586c0626b6ceb35603
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close