Eeye IRIS Buffer Overflow Vulnerability

IRIS from eEye Digital Security is a protocol analyzer geared towards network management, it is currently in BETA. This product was formerly known as SpyNet CaptureNet. Certain versions of the this software are vulnerable to a remotely triggered buffer overflow attack. This attack is orchestrated by a malicious user launching multiple UDP sessions to random ports on the machine which IRIS resides on (and is in operation on). The net result of this buffer overflow is that the product ceases to function and may drive system resources to 100% before exiting. It may be possible that this overflow (a heap overflow according to the attached advisory) could result in a system compromise. No information indicating that this is the case has been released.


Privacy Statement
Copyright 2010, SecurityFocus