CVEdetails.com the ultimate security vulnerability data source

Vulnerability Details : CVE-2006-3838

Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDEVICE, (9) COMPRESSRAWLOGFILE, (10) GETSYSLOGFIREWALLS, (11) ADDPOLICY, and (12) EDITPOLICY commands to the Syslog daemon (syslogserver.exe); (13) GUIADDDEVICE, (14) ADDDEVICE, and (15) DELETEDEVICE commands to the Topology server (Topology.exe); the (15) LICMGR_ADDLICENSE command to the License Manager (EnterpriseSecurityAnalyzer.exe); the (16) TRACE and (17) QUERYMONITOR commands to the Monitoring agent (Monitoring.exe); and possibly other vectors related to the Syslog daemon (syslogserver.exe).
Publish Date: 2006-07-26
Last Update Date: 2011-09-06

- CVSS Scores & Vulnerability Types

CVSS Score: 10.0
Confidentiality Impact: Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact: Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact: Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity: Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit.)
Authentication: Not required (Authentication is not required to exploit the vulnerability.)
Gained Access: Admin
Vulnerability Type(s): Execute Code, Overflow
CWE ID: 119

- Products Affected By CVE-2006-3838

# | Product Type | Vendor | Product | Version | Update | Edition | Language
1 | Application | Eiqnetworks | Enterprise Security Analyzer | 2.4.0 | | |

- Number Of Affected Versions By Product

Vendor | Product | Vulnerable Versions
Eiqnetworks | Enterprise Security Analyzer | 1

- References For CVE-2006-3838

http://archive.cert.uni-stuttgart.de/bugtraq/2006/08/msg00152.html
BUGTRAQ 20060808 TSRT-06-07: eIQnetworks Enterprise Security Analyzer Monitoring Agent Buffer Overflow Vulnerabilities
http://secunia.com/advisories/21217
SECUNIA 21217
http://secunia.com/advisories/21215
SECUNIA 21215
http://secunia.com/advisories/21214
SECUNIA 21214
http://secunia.com/advisories/21213
SECUNIA 21213
http://secunia.com/advisories/21211
SECUNIA 21211
http://secunia.com/advisories/21218
SECUNIA 21218
http://securitytracker.com/id?1016580
SECTRACK 1016580
http://www.osvdb.org/27525
OSVDB 27525
http://www.eiqnetworks.com/products/enterprisesecurity/EnterpriseSecurityAnalyzer/ESA_2.5.0_Release_Notes.pdf CONFIRM
http://www.osvdb.org/27526
OSVDB 27526
http://www.osvdb.org/27527
OSVDB 27527
http://www.osvdb.org/27528
OSVDB 27528
http://www.securityfocus.com/archive/1/archive/1/441195/100/0/threaded
BUGTRAQ 20060725 ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/archive/1/441197/100/0/threaded
BUGTRAQ 20060725 ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/archive/1/441198/100/0/threaded
BUGTRAQ 20060725 TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/19164
BID 19164 eIQnetworks Enterprise Security Analyzer Topology Server Remote Buffer Overflow Vulnerability Release Date:2008-02-01
http://www.securityfocus.com/bid/19163
BID 19163 eIQnetworks Enterprise Security Analyzer License Manager Remote Buffer Overflow Vulnerability Release Date:2006-09-05
http://www.securityfocus.com/archive/1/archive/1/441200/100/0/threaded
BUGTRAQ 20060725 TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/19165
BID 19165 eIQNetworks Enterprise Security Analyzer SyslogServer.EXE Buffer Overflow Vulnerability Release Date:2006-09-05
http://www.securityfocus.com/bid/19167
BID 19167 eIQNetworks Enterprise Security Analyzer Multiple Syslog Daemon Buffer Overflow Vulnerabilities Release Date:2006-09-05
http://www.tippingpoint.com/security/advisories/TSRT-06-03.html
http://www.tippingpoint.com/security/advisories/TSRT-06-04.html
http://www.tippingpoint.com/security/advisories/TSRT-06-07.html
http://www.vupen.com/english/advisories/2006/2985
VUPEN ADV-2006-2985
http://www.vupen.com/english/advisories/2006/3007
VUPEN ADV-2006-3007
http://www.vupen.com/english/advisories/2006/3006
VUPEN ADV-2006-3006
http://www.vupen.com/english/advisories/2006/3008
VUPEN ADV-2006-3008
http://www.vupen.com/english/advisories/2006/3009
VUPEN ADV-2006-3009
http://www.vupen.com/english/advisories/2006/3010
VUPEN ADV-2006-3010
http://www.zerodayinitiative.com/advisories/ZDI-06-023.html
http://xforce.iss.net/xforce/xfdb/27950
XF eiqnetworks-esa-syslog-string-bo(27950)
http://www.zerodayinitiative.com/advisories/ZDI-06-024.html
http://xforce.iss.net/xforce/xfdb/27951
XF eiqnetworks-esa-syslog-command-bo(27951)
http://xforce.iss.net/xforce/xfdb/27952
XF eiqnetworks-esa-licensemanager-bo(27952)
http://xforce.iss.net/xforce/xfdb/27953
XF eiqnetworks-esa-topology-bo(27953)
http://www.kb.cert.org/vuls/id/513068
CERT-VN VU#513068
http://xforce.iss.net/xforce/xfdb/27954
XF eiqnetworks-esa-monitoring-bo(27954)

- Metasploit Modules Related To CVE-2006-3838

eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow
This module exploits a stack buffer overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the LICMGR_ADDLICENSE command, a stack-based buffer overflow occurs. This module has only been tested against ESA v2.1.13.
Module type : exploit Rank : average Platforms : Windows
eIQNetworks ESA Topology DELETEDEVICE Overflow
This module exploits a stack buffer overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the DELETEDEVICE command in the Topology server, a stack-based buffer overflow occurs. This module has only been tested against ESA v2.1.13.
Module type : exploit Rank : average Platforms : Windows

