The eIQnetworks Enterprise Security Analyzer Syslog server contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Enterprise Security Analyzer
eIQnetworks Enterprise Security Analyzer (ESA) "... provides essential real-time security intelligence to help decipher hacker/virus behavior, combat security threats and meet regulatory compliance requirements across the entire IT infrastructure – network devices and hosts." ESA is also provided on an OEM basis as Astaro Report Manager, Fortinet FortiReporter, iPolicy Security Reporter, SanMina Viking Multi-Log Manager, Secure Computing G2 Security Reporter, and Top Layer Network Security Analyzer.
A remote, unauthenticated attacker may be able to execute arbitrary code on a system running the vulnerable Syslog component.
Apply an update
This vulnerability was disclosed by TippingPoint, who in turn credit Cody Pierce.
This document was written by Will Dormann.
|Date First Published:||2007-01-18|
|Date Last Updated:||2007-01-18 19:06 UTC|