Analog contains a flaw that allows a local or remote user (depending on configuration) to gain administrative privileges. The issue is due to a buffer overflow in the ALIAS command. With a specially crafted request, an attacker can gain admin privileges resulting in a loss of integrity.
Upgrade to version 4.16 or higher, as it has been reported to fix this
vulnerability. An upgrade is required as there are no known workarounds.