CVE Vulnerabilities

CVE-2004-0362

Published: Apr 15, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Affected Software

Name Vendor Start Version End Version
Blackice_agent_server Iss 3.6ebz (including) 3.6ebz (including)
Blackice_agent_server Iss 3.6eca (including) 3.6eca (including)
Blackice_agent_server Iss 3.6ecb (including) 3.6ecb (including)
Blackice_agent_server Iss 3.6ecc (including) 3.6ecc (including)
Blackice_agent_server Iss 3.6ecd (including) 3.6ecd (including)
Blackice_agent_server Iss 3.6ece (including) 3.6ece (including)
Blackice_agent_server Iss 3.6ecf (including) 3.6ecf (including)
Blackice_pc_protection Iss 3.6cbz (including) 3.6cbz (including)
Blackice_pc_protection Iss 3.6cca (including) 3.6cca (including)
Blackice_pc_protection Iss 3.6ccb (including) 3.6ccb (including)
Blackice_pc_protection Iss 3.6ccc (including) 3.6ccc (including)
Blackice_pc_protection Iss 3.6ccd (including) 3.6ccd (including)
Blackice_pc_protection Iss 3.6cce (including) 3.6cce (including)
Blackice_pc_protection Iss 3.6ccf (including) 3.6ccf (including)
Blackice_server_protection Iss 3.6cbz (including) 3.6cbz (including)
Blackice_server_protection Iss 3.6cca (including) 3.6cca (including)
Blackice_server_protection Iss 3.6ccb (including) 3.6ccb (including)
Blackice_server_protection Iss 3.6ccc (including) 3.6ccc (including)
Blackice_server_protection Iss 3.6ccd (including) 3.6ccd (including)
Blackice_server_protection Iss 3.6cce (including) 3.6cce (including)
Blackice_server_protection Iss 3.6ccf (including) 3.6ccf (including)
Realsecure_desktop Iss 3.6ebz (including) 3.6ebz (including)
Realsecure_desktop Iss 3.6eca (including) 3.6eca (including)
Realsecure_desktop Iss 3.6ecb (including) 3.6ecb (including)
Realsecure_desktop Iss 3.6ecd (including) 3.6ecd (including)
Realsecure_desktop Iss 3.6ece (including) 3.6ece (including)
Realsecure_desktop Iss 3.6ecf (including) 3.6ecf (including)
Realsecure_desktop Iss 7.0eba (including) 7.0eba (including)
Realsecure_desktop Iss 7.0ebf (including) 7.0ebf (including)
Realsecure_desktop Iss 7.0ebg (including) 7.0ebg (including)
Realsecure_desktop Iss 7.0ebh (including) 7.0ebh (including)
Realsecure_desktop Iss 7.0ebj (including) 7.0ebj (including)
Realsecure_desktop Iss 7.0ebk (including) 7.0ebk (including)
Realsecure_desktop Iss 7.0ebl (including) 7.0ebl (including)
Realsecure_guard Iss 3.6ebz (including) 3.6ebz (including)
Realsecure_guard Iss 3.6eca (including) 3.6eca (including)
Realsecure_guard Iss 3.6ecb (including) 3.6ecb (including)
Realsecure_guard Iss 3.6ecc (including) 3.6ecc (including)
Realsecure_guard Iss 3.6ecd (including) 3.6ecd (including)
Realsecure_guard Iss 3.6ece (including) 3.6ece (including)
Realsecure_guard Iss 3.6ecf (including) 3.6ecf (including)
Realsecure_network_sensor Iss 7.0 (including) 7.0 (including)
Realsecure_network_sensor Iss 7.0-xpu_20.11 (including) 7.0-xpu_20.11 (including)
Realsecure_network_sensor Iss 7.0-xpu_22.10 (including) 7.0-xpu_22.10 (including)
Realsecure_network_sensor Iss 7.0-xpu_22.4 (including) 7.0-xpu_22.4 (including)
Realsecure_network_sensor Iss 7.0-xpu_22.9 (including) 7.0-xpu_22.9 (including)
Realsecure_sentry Iss 3.6ebz (including) 3.6ebz (including)
Realsecure_sentry Iss 3.6eca (including) 3.6eca (including)
Realsecure_sentry Iss 3.6ecb (including) 3.6ecb (including)
Realsecure_sentry Iss 3.6ecc (including) 3.6ecc (including)
Realsecure_sentry Iss 3.6ecd (including) 3.6ecd (including)
Realsecure_sentry Iss 3.6ece (including) 3.6ece (including)
Realsecure_sentry Iss 3.6ecf (including) 3.6ecf (including)
Realsecure_server_sensor Iss 6.0 (including) 6.0 (including)
Realsecure_server_sensor Iss 6.0.1 (including) 6.0.1 (including)
Realsecure_server_sensor Iss 6.0.1_win_sr1.1 (including) 6.0.1_win_sr1.1 (including)
Realsecure_server_sensor Iss 6.5 (including) 6.5 (including)
Realsecure_server_sensor Iss 6.5-sr3.2 (including) 6.5-sr3.2 (including)
Realsecure_server_sensor Iss 6.5-sr3.3 (including) 6.5-sr3.3 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.1 (including) 6.5_win_sr3.1 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.4 (including) 6.5_win_sr3.4 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.5 (including) 6.5_win_sr3.5 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.6 (including) 6.5_win_sr3.6 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.7 (including) 6.5_win_sr3.7 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.8 (including) 6.5_win_sr3.8 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.9 (including) 6.5_win_sr3.9 (including)
Realsecure_server_sensor Iss 6.5_win_sr3.10 (including) 6.5_win_sr3.10 (including)
Realsecure_server_sensor Iss 7.0-xpu22.1 (including) 7.0-xpu22.1 (including)
Realsecure_server_sensor Iss 7.0-xpu22.10 (including) 7.0-xpu22.10 (including)
Realsecure_server_sensor Iss 7.0-xpu22.11 (including) 7.0-xpu22.11 (including)
Realsecure_server_sensor Iss 7.0-xpu22.2 (including) 7.0-xpu22.2 (including)
Realsecure_server_sensor Iss 7.0-xpu22.3 (including) 7.0-xpu22.3 (including)
Realsecure_server_sensor Iss 7.0-xpu22.4 (including) 7.0-xpu22.4 (including)
Realsecure_server_sensor Iss 7.0-xpu22.5 (including) 7.0-xpu22.5 (including)
Realsecure_server_sensor Iss 7.0-xpu22.6 (including) 7.0-xpu22.6 (including)
Realsecure_server_sensor Iss 7.0-xpu22.7 (including) 7.0-xpu22.7 (including)
Realsecure_server_sensor Iss 7.0-xpu22.8 (including) 7.0-xpu22.8 (including)
Realsecure_server_sensor Iss 7.0-xpu22.9 (including) 7.0-xpu22.9 (including)

References