Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 6.5 | 6.5 |
Realsecure_network_sensor | Iss | 7.0 | 7.0 |
Realsecure_desktop | Iss | 7.0ebg | 7.0ebg |
Realsecure_guard | Iss | 3.6ecb | 3.6ecb |
Realsecure_desktop | Iss | 7.0ebh | 7.0ebh |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Blackice_pc_protection | Iss | 3.6ccf | 3.6ccf |
Realsecure_sentry | Iss | 3.6ece | 3.6ece |
Realsecure_desktop | Iss | 3.6ebz | 3.6ebz |
Blackice_pc_protection | Iss | 3.6ccb | 3.6ccb |
Realsecure_sentry | Iss | 3.6ecf | 3.6ecf |
Realsecure_server_sensor | Iss | 6.5_win_sr3.4 | 6.5_win_sr3.4 |
Realsecure_guard | Iss | 3.6ece | 3.6ece |
Realsecure_server_sensor | Iss | 6.0 | 6.0 |
Realsecure_desktop | Iss | 3.6ecd | 3.6ecd |
Realsecure_guard | Iss | 3.6eca | 3.6eca |
Blackice_pc_protection | Iss | 3.6cbz | 3.6cbz |
Realsecure_network_sensor | Iss | 7.0 | 7.0 |
Blackice_pc_protection | Iss | 3.6cce | 3.6cce |
Realsecure_desktop | Iss | 7.0ebj | 7.0ebj |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 6.5 | 6.5 |
Realsecure_server_sensor | Iss | 6.5_win_sr3.9 | 6.5_win_sr3.9 |
Realsecure_guard | Iss | 3.6ebz | 3.6ebz |
Blackice_pc_protection | Iss | 3.6cca | 3.6cca |
Blackice_agent_server | Iss | 3.6ecc | 3.6ecc |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_sentry | Iss | 3.6ebz | 3.6ebz |
Realsecure_desktop | Iss | 3.6ecf | 3.6ecf |
Realsecure_desktop | Iss | 3.6ecb | 3.6ecb |
Realsecure_guard | Iss | 3.6ecd | 3.6ecd |
Realsecure_desktop | Iss | 7.0eba | 7.0eba |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_sentry | Iss | 3.6ecc | 3.6ecc |
Realsecure_server_sensor | Iss | 6.5_win_sr3.5 | 6.5_win_sr3.5 |
Blackice_server_protection | Iss | 3.6ccb | 3.6ccb |
Realsecure_network_sensor | Iss | 7.0 | 7.0 |
Blackice_agent_server | Iss | 3.6ecb | 3.6ecb |
Realsecure_server_sensor | Iss | 6.5_win_sr3.7 | 6.5_win_sr3.7 |
Realsecure_desktop | Iss | 7.0ebk | 7.0ebk |
Blackice_pc_protection | Iss | 3.6ccd | 3.6ccd |
Realsecure_server_sensor | Iss | 6.0.1_win_sr1.1 | 6.0.1_win_sr1.1 |
Realsecure_desktop | Iss | 7.0ebl | 7.0ebl |
Blackice_agent_server | Iss | 3.6ebz | 3.6ebz |
Realsecure_server_sensor | Iss | 6.5_win_sr3.6 | 6.5_win_sr3.6 |
Blackice_agent_server | Iss | 3.6ece | 3.6ece |
Realsecure_server_sensor | Iss | 6.5 | 6.5 |
Blackice_server_protection | Iss | 3.6cce | 3.6cce |
Blackice_pc_protection | Iss | 3.6ccc | 3.6ccc |
Realsecure_network_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Blackice_server_protection | Iss | 3.6ccd | 3.6ccd |
Realsecure_guard | Iss | 3.6ecf | 3.6ecf |
Realsecure_desktop | Iss | 7.0ebf | 7.0ebf |
Blackice_server_protection | Iss | 3.6cca | 3.6cca |
Realsecure_desktop | Iss | 3.6ece | 3.6ece |
Blackice_agent_server | Iss | 3.6ecd | 3.6ecd |
Blackice_agent_server | Iss | 3.6eca | 3.6eca |
Realsecure_guard | Iss | 3.6ecc | 3.6ecc |
Realsecure_server_sensor | Iss | 6.5_win_sr3.1 | 6.5_win_sr3.1 |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_sentry | Iss | 3.6ecd | 3.6ecd |
Blackice_agent_server | Iss | 3.6ecf | 3.6ecf |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 6.5_win_sr3.10 | 6.5_win_sr3.10 |
Realsecure_sentry | Iss | 3.6eca | 3.6eca |
Realsecure_server_sensor | Iss | 6.0.1 | 6.0.1 |
Blackice_server_protection | Iss | 3.6ccc | 3.6ccc |
Blackice_server_protection | Iss | 3.6cbz | 3.6cbz |
Realsecure_sentry | Iss | 3.6ecb | 3.6ecb |
Realsecure_desktop | Iss | 3.6eca | 3.6eca |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 7.0 | 7.0 |
Blackice_server_protection | Iss | 3.6ccf | 3.6ccf |
Realsecure_network_sensor | Iss | 7.0 | 7.0 |
Realsecure_server_sensor | Iss | 6.5_win_sr3.8 | 6.5_win_sr3.8 |