Vulnerabilities > CVE-2007-2059 - Remote Security vulnerability in Eiqnetworks Enterprise Security Analyzer 2.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 allow remote attackers to execute arbitrary code via a long parameter to the (1) DELETESEARCHFOLDER, (2) DELTASK, (3) HMGR_CHECKHOSTSCSV, (4) TASKUPDATEDUSER, (5) VERIFYUSERKEY, or (6) VERIFYPWD command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | eIQnetworks Enterprise Security Analyzer 2.5 Multiple Buffer Overflow Vulnerabilities. CVE-2007-2059. Dos exploit for windows platform |
id | EDB-ID:29850 |
last seen | 2016-02-03 |
modified | 2007-04-12 |
published | 2007-04-12 |
reporter | Leon Juranic |
source | https://www.exploit-db.com/download/29850/ |
title | eIQnetworks Enterprise Security Analyzer 2.5 - Multiple Buffer Overflow Vulnerabilities |
Nessus
NASL family | Windows |
NASL id | ESA_LICMGR_259.NASL |
description | The version of eIQnetworks Enterprise Security Analyzer installed on the remote host contains multiple buffer overflows in its License Manager service. Using long arguments to various commands, an unauthenticated, remote attacker may be able to leverage this issue to crash the affected service or possibly execute arbitrary code on the affected host with LOCAL SYSTEM privileges. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25080 |
published | 2007-04-18 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25080 |
title | eIQnetworks Enterprise Security Analyzer License Manager < 2.5.9 Multiple Remote Overflows |
code |
|