GEN:SID | 1:2489 |
Message | EXPLOIT esignal STREAMQUOTE buffer overflow attempt |
Summary | This event is generated when an attempt is made to exploit a buffer overflow associated with eSignal software.
|
Impact | A successful attack may allow the execution of arbitrary code with LOCAL_SYSTEM privilege on a vulnerable host.
|
Detailed Information | eSignal software provides real-time stock market data to client hosts. There is a vulnerability associated with eSignal that may cause a buffer overflow, permitting the execution of arbitrary code with the context of LOCAL_SYSTEM. The buffer overflow occurs when a larger than expected data payload is supplied for certain message exchanges.
|
Affected Systems | eSignal versions 7.5 and 7.6
|
Attack Scenarios | An attacker can create and send a malformed eSignal message that may cause a buffer overflow and allow the subsequent execution of arbitrary code with the context of LOCAL_SYSTEM.
|
Ease of Attack | Simple.
|
Corrective Action | Upgrade to the latest non-affected version of the software.
|
Additional References | |
Rule References | bugtraq: 9978
|