cvebase

Eiqnetworks Enterprise Security Analyzer vulnerabilities

4 known vulnerabilities affecting eiqnetworks/enterprise_security_analyzer.

Total CVEs: 4
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 2, MEDIUM 2

Vulnerabilities

CVE-2006-3838 | P2 | CRITICAL | CVSS 10.0 | PoC | ≤ 2.4.0 | 2006-07-27
[CRITICAL] CWE-119: Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code
Source: nvd

CVE-2007-2059 | P3 | CRITICAL | CVSS 10.0 | PoC | v2.5 | 2007-04-18
[CRITICAL] Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 allow remote attackers to execute arbitrary code via a long parameter to the (1) DELETESEARCHFOLDER, (2) DELTASK, (3) HMGR_CHECKHOSTSCSV, (4) TASKUPDATEDUSER, (5) VERIFYUSERKEY, or (6) VERIFYPWD command.
Source: nvd

CVE-2007-5699 | P3 | MEDIUM | CVSS 6.8 | PoC | v2.5 | 2007-10-29
[MEDIUM] Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059.
Source: nvd

CVE-2007-0228 | P4 | MEDIUM | CVSS 5.0 | PoC | v2.0, v2.1, +1 more | 2007-01-13
[MEDIUM] The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer d
Source: nvd