CVE Vulnerabilities

CVE-2004-0362

Published: Apr 15, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Affected Software

Name Vendor Start Version End Version
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 6.5 6.5
Realsecure_network_sensor Iss 7.0 7.0
Realsecure_desktop Iss 7.0ebg 7.0ebg
Realsecure_guard Iss 3.6ecb 3.6ecb
Realsecure_desktop Iss 7.0ebh 7.0ebh
Realsecure_server_sensor Iss 7.0 7.0
Blackice_pc_protection Iss 3.6ccf 3.6ccf
Realsecure_sentry Iss 3.6ece 3.6ece
Realsecure_desktop Iss 3.6ebz 3.6ebz
Blackice_pc_protection Iss 3.6ccb 3.6ccb
Realsecure_sentry Iss 3.6ecf 3.6ecf
Realsecure_server_sensor Iss 6.5_win_sr3.4 6.5_win_sr3.4
Realsecure_guard Iss 3.6ece 3.6ece
Realsecure_server_sensor Iss 6.0 6.0
Realsecure_desktop Iss 3.6ecd 3.6ecd
Realsecure_guard Iss 3.6eca 3.6eca
Blackice_pc_protection Iss 3.6cbz 3.6cbz
Realsecure_network_sensor Iss 7.0 7.0
Blackice_pc_protection Iss 3.6cce 3.6cce
Realsecure_desktop Iss 7.0ebj 7.0ebj
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 6.5 6.5
Realsecure_server_sensor Iss 6.5_win_sr3.9 6.5_win_sr3.9
Realsecure_guard Iss 3.6ebz 3.6ebz
Blackice_pc_protection Iss 3.6cca 3.6cca
Blackice_agent_server Iss 3.6ecc 3.6ecc
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_sentry Iss 3.6ebz 3.6ebz
Realsecure_desktop Iss 3.6ecf 3.6ecf
Realsecure_desktop Iss 3.6ecb 3.6ecb
Realsecure_guard Iss 3.6ecd 3.6ecd
Realsecure_desktop Iss 7.0eba 7.0eba
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_sentry Iss 3.6ecc 3.6ecc
Realsecure_server_sensor Iss 6.5_win_sr3.5 6.5_win_sr3.5
Blackice_server_protection Iss 3.6ccb 3.6ccb
Realsecure_network_sensor Iss 7.0 7.0
Blackice_agent_server Iss 3.6ecb 3.6ecb
Realsecure_server_sensor Iss 6.5_win_sr3.7 6.5_win_sr3.7
Realsecure_desktop Iss 7.0ebk 7.0ebk
Blackice_pc_protection Iss 3.6ccd 3.6ccd
Realsecure_server_sensor Iss 6.0.1_win_sr1.1 6.0.1_win_sr1.1
Realsecure_desktop Iss 7.0ebl 7.0ebl
Blackice_agent_server Iss 3.6ebz 3.6ebz
Realsecure_server_sensor Iss 6.5_win_sr3.6 6.5_win_sr3.6
Blackice_agent_server Iss 3.6ece 3.6ece
Realsecure_server_sensor Iss 6.5 6.5
Blackice_server_protection Iss 3.6cce 3.6cce
Blackice_pc_protection Iss 3.6ccc 3.6ccc
Realsecure_network_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 7.0 7.0
Blackice_server_protection Iss 3.6ccd 3.6ccd
Realsecure_guard Iss 3.6ecf 3.6ecf
Realsecure_desktop Iss 7.0ebf 7.0ebf
Blackice_server_protection Iss 3.6cca 3.6cca
Realsecure_desktop Iss 3.6ece 3.6ece
Blackice_agent_server Iss 3.6ecd 3.6ecd
Blackice_agent_server Iss 3.6eca 3.6eca
Realsecure_guard Iss 3.6ecc 3.6ecc
Realsecure_server_sensor Iss 6.5_win_sr3.1 6.5_win_sr3.1
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_sentry Iss 3.6ecd 3.6ecd
Blackice_agent_server Iss 3.6ecf 3.6ecf
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 6.5_win_sr3.10 6.5_win_sr3.10
Realsecure_sentry Iss 3.6eca 3.6eca
Realsecure_server_sensor Iss 6.0.1 6.0.1
Blackice_server_protection Iss 3.6ccc 3.6ccc
Blackice_server_protection Iss 3.6cbz 3.6cbz
Realsecure_sentry Iss 3.6ecb 3.6ecb
Realsecure_desktop Iss 3.6eca 3.6eca
Realsecure_server_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 7.0 7.0
Blackice_server_protection Iss 3.6ccf 3.6ccf
Realsecure_network_sensor Iss 7.0 7.0
Realsecure_server_sensor Iss 6.5_win_sr3.8 6.5_win_sr3.8

References