(FortiNet Issues Fix for FortiReporter) eIQnetworks Enterprise Security Analyzer Buffer Overflows Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1016610
SecurityTracker URL: http://securitytracker.com/id/1016610
CVE Reference: CVE-2006-3838
Date: Jul 31 2006
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 4.5.3
Description:
Several vulnerabilities were reported in eIQnetworks Enterprise Security Analyzer. A remote user can execute arbitrary code on the target system. FortiReporter is affected.
A remote user can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target service. Several components are affected.
The 'syslogserver.exe' process running on TCP port 10617 is vulnerable. UDP is not affected. The TCP configuration is not enabled by default. Long strings can trigger the overflow.
The 'monitoring.exe' process running on TCP port 9999 is affected.
The 'topology.exe' process running on TCP port 10628 is affected. Long prefixes to the GUIADDDEVICE, ADDDEVICE, or DELETEDEVICE commands can trigger the overflow.
The 'EnterpriseSecurityAnalyzer.exe' process running on TCP port 10616 is affected. Long arguments to the LICMGR_ADDLICENSE command can trigger the overflow.
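An exposure check for the four listeners named above, as an added example that is not part of the original advisory. It parses Windows `netstat -ano` output and reports TCP listeners on the affected ports, skipping UDP sockets because the advisory states UDP is not affected. The function name, the result fields and the sample output are assumptions constructed for illustration.

```python
# TCP ports and the process the advisory associates with each one.
AFFECTED_TCP_PORTS = {
    10617: "syslogserver.exe",
    9999: "monitoring.exe",
    10628: "topology.exe",
    10616: "EnterpriseSecurityAnalyzer.exe",
}

LOOPBACK = {"127.0.0.1", "[::1]"}

# Constructed sample of `netstat -ano` output (not taken from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:10617          0.0.0.0:0              LISTENING       1432
  TCP    127.0.0.1:9999         0.0.0.0:0              LISTENING       1500
  TCP    10.0.0.5:10616         10.0.0.9:51234         ESTABLISHED     1610
  UDP    0.0.0.0:10617          *:*                                    1432
"""

def exposed_listeners(netstat_text):
    """Return one finding per TCP listener bound to an affected port."""
    findings = []
    for line in netstat_text.splitlines():
        parts = line.split()
        # TCP rows have 5 fields (proto, local, foreign, state, pid).
        # UDP rows have no state column, so they never match.
        if len(parts) != 5 or parts[0] != "TCP" or parts[3] != "LISTENING":
            continue
        addr, _, port = parts[1].rpartition(":")
        if not port.isdigit() or int(port) not in AFFECTED_TCP_PORTS:
            continue
        findings.append({
            "port": int(port),
            "bind_address": addr,
            "pid": int(parts[4]),
            # Name from the advisory; confirm the PID's real owner separately.
            "expected_process": AFFECTED_TCP_PORTS[int(port)],
            # A loopback-only bind is not reachable from other hosts.
            "network_reachable": addr not in LOOPBACK,
        })
    return findings

if __name__ == "__main__":
    for f in exposed_listeners(SAMPLE):
        print(f)
```

A finding with `network_reachable` set to true on a version prior to 4.5.3 is the case to patch or filter first.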
The following OEM products are also affected:
Astaro Report Manager (OEM)
Fortinet FortiReporter (OEM)
iPolicy Security Reporter (OEM)
SanMina Viking Multi-Log Manager (OEM)
Secure Computing G2 Security Reporter (OEM)
Top Layer Network Security Analyzer (OEM)
The vendor was notified on May 10, 2006.
Titon, JxT, KF, and the rest of Bastard Labs and Cody Pierce of TippingPoint Security Research Team discovered these vulnerabilities.
The original advisories are available at:
http://www.zerodayinitiative.com/advisories/TSRT-06-03.html
http://www.zerodayinitiative.com/advisories/TSRT-06-04.html
http://www.zerodayinitiative.com/advisories/ZDI-06-023.html
http://www.zerodayinitiative.com/advisories/ZDI-06-024.html
Impact:
A remote user can execute arbitrary code on the target system.
Solution:
FortiReporter is affected by the eIQnetworks Enterprise Security Analyzer 'syslogserver.exe' vulnerability. FortiNet has issued a fix (4.5.3) for FortiReporter, available at:
http://www.fortinet.com/products/fortireporter.html
The FortiNet advisory is available at:
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-23.html
Cause:
Boundary error
Underlying OS:
Windows (2000), Windows (2003)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Mon, 31 Jul 2006 02:37:24 -0400
Subject: FortiGuard Advisory (FGA-2006-23)
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-23.html