An unspecified remote vulnerability exists in eIQnetworks Enterprise Security Analyzer Monitoring.exe. With a specially crafted request sent to port TCP 9999, an attacker can execute arbitrary code resulting in a loss of integrity.

Upgrade to version 2.5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• CVE ID: 2006-3838 (see also: NVD)
• Secunia Advisory ID: 21211 21213 21214 21215 21217 21218
• SCIP VulDB ID: 2409 2411
• Related OSVDB ID: 27525 27526 27527 27528
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0700.html
  http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0701.html
• Vendor Specific Advisory URL: http://www.eiqnetworks.com/products/enterprisesecurity/EnterpriseSecurityAnalyzer/ESA_2.5.0_Release_Notes.pdf
• Vendor URL: http://www.toplayer.com/content/products/intrusion_detection/index.jsp
• Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-06-024.html
• Keyword: TCP Port 9999

• Titon - Zero Day Initiative (ZDI)
• JxT - Zero Day Initiative (ZDI)
• KF - Zero Day Initiative (ZDI)