CVE-2011-5227

Enterasys NetSight < 4.1.0.79 - Remote Code Execution via Long PRIO Field in Syslog Message


Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-5227. PoCs were published by Metasploit and Jeremy Brown, including the Metasploit module exploits/windows/misc/enterasys_netsight_syslog_bof.

AI-analyzed exploit summary: This Metasploit module exploits a stack buffer overflow in Enterasys NetSight's Syslog service (nssyslogd.exe) via a crafted PRIO field in a syslog message. It achieves remote code execution by leveraging ROP gadgets and stack pivoting techniques.

Description

Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in Enterasys Network Management Suite (NMS) before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/23887

This Metasploit module exploits a stack buffer overflow in Enterasys NetSight's Syslog service (nssyslogd.exe) via a crafted PRIO field in a syslog message. It achieves remote code execution by leveraging ROP gadgets and stack pivoting techniques.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Enterasys NetSight 4.0.1.34
No auth needed
Prerequisites: Network access to UDP port 514 · Target running vulnerable Enterasys NetSight version
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by Jeremy Brown · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb

This Metasploit module exploits a stack buffer overflow in Enterasys NetSight's Syslog service (nssyslogd.exe) via a crafted PRIO field in a syslog message. It achieves remote code execution by leveraging stack pivoting and ROP chains tailored for Windows XP SP3 and Windows 2003 SP2.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Enterasys NetSight 4.0.1.34
No auth needed
Prerequisites: Network access to UDP port 514 · Target running vulnerable Enterasys NetSight version
devstral-2 · analyzed Feb 19, 2026

References (6)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71889
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026440
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/47263
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-350/

Scores

EPSS: 0.7695
EPSS Percentile: 99.5%

Details

CWE: CWE-119
Status: published
Products (1): enterasys/netsight < 4.1.0.79 (2 CPE variants)
Published: Oct 25, 2012
Tracked Since: Feb 18, 2026