Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Blackice_agent_server | Iss | 3.6ebz (including) | 3.6ebz (including) |
Blackice_agent_server | Iss | 3.6eca (including) | 3.6eca (including) |
Blackice_agent_server | Iss | 3.6ecb (including) | 3.6ecb (including) |
Blackice_agent_server | Iss | 3.6ecc (including) | 3.6ecc (including) |
Blackice_agent_server | Iss | 3.6ecd (including) | 3.6ecd (including) |
Blackice_agent_server | Iss | 3.6ece (including) | 3.6ece (including) |
Blackice_agent_server | Iss | 3.6ecf (including) | 3.6ecf (including) |
Blackice_pc_protection | Iss | 3.6cbz (including) | 3.6cbz (including) |
Blackice_pc_protection | Iss | 3.6cca (including) | 3.6cca (including) |
Blackice_pc_protection | Iss | 3.6ccb (including) | 3.6ccb (including) |
Blackice_pc_protection | Iss | 3.6ccc (including) | 3.6ccc (including) |
Blackice_pc_protection | Iss | 3.6ccd (including) | 3.6ccd (including) |
Blackice_pc_protection | Iss | 3.6cce (including) | 3.6cce (including) |
Blackice_pc_protection | Iss | 3.6ccf (including) | 3.6ccf (including) |
Blackice_server_protection | Iss | 3.6cbz (including) | 3.6cbz (including) |
Blackice_server_protection | Iss | 3.6cca (including) | 3.6cca (including) |
Blackice_server_protection | Iss | 3.6ccb (including) | 3.6ccb (including) |
Blackice_server_protection | Iss | 3.6ccc (including) | 3.6ccc (including) |
Blackice_server_protection | Iss | 3.6ccd (including) | 3.6ccd (including) |
Blackice_server_protection | Iss | 3.6cce (including) | 3.6cce (including) |
Blackice_server_protection | Iss | 3.6ccf (including) | 3.6ccf (including) |
Realsecure_desktop | Iss | 3.6ebz (including) | 3.6ebz (including) |
Realsecure_desktop | Iss | 3.6eca (including) | 3.6eca (including) |
Realsecure_desktop | Iss | 3.6ecb (including) | 3.6ecb (including) |
Realsecure_desktop | Iss | 3.6ecd (including) | 3.6ecd (including) |
Realsecure_desktop | Iss | 3.6ece (including) | 3.6ece (including) |
Realsecure_desktop | Iss | 3.6ecf (including) | 3.6ecf (including) |
Realsecure_desktop | Iss | 7.0eba (including) | 7.0eba (including) |
Realsecure_desktop | Iss | 7.0ebf (including) | 7.0ebf (including) |
Realsecure_desktop | Iss | 7.0ebg (including) | 7.0ebg (including) |
Realsecure_desktop | Iss | 7.0ebh (including) | 7.0ebh (including) |
Realsecure_desktop | Iss | 7.0ebj (including) | 7.0ebj (including) |
Realsecure_desktop | Iss | 7.0ebk (including) | 7.0ebk (including) |
Realsecure_desktop | Iss | 7.0ebl (including) | 7.0ebl (including) |
Realsecure_guard | Iss | 3.6ebz (including) | 3.6ebz (including) |
Realsecure_guard | Iss | 3.6eca (including) | 3.6eca (including) |
Realsecure_guard | Iss | 3.6ecb (including) | 3.6ecb (including) |
Realsecure_guard | Iss | 3.6ecc (including) | 3.6ecc (including) |
Realsecure_guard | Iss | 3.6ecd (including) | 3.6ecd (including) |
Realsecure_guard | Iss | 3.6ece (including) | 3.6ece (including) |
Realsecure_guard | Iss | 3.6ecf (including) | 3.6ecf (including) |
Realsecure_network_sensor | Iss | 7.0 (including) | 7.0 (including) |
Realsecure_network_sensor | Iss | 7.0-xpu_20.11 (including) | 7.0-xpu_20.11 (including) |
Realsecure_network_sensor | Iss | 7.0-xpu_22.10 (including) | 7.0-xpu_22.10 (including) |
Realsecure_network_sensor | Iss | 7.0-xpu_22.4 (including) | 7.0-xpu_22.4 (including) |
Realsecure_network_sensor | Iss | 7.0-xpu_22.9 (including) | 7.0-xpu_22.9 (including) |
Realsecure_sentry | Iss | 3.6ebz (including) | 3.6ebz (including) |
Realsecure_sentry | Iss | 3.6eca (including) | 3.6eca (including) |
Realsecure_sentry | Iss | 3.6ecb (including) | 3.6ecb (including) |
Realsecure_sentry | Iss | 3.6ecc (including) | 3.6ecc (including) |
Realsecure_sentry | Iss | 3.6ecd (including) | 3.6ecd (including) |
Realsecure_sentry | Iss | 3.6ece (including) | 3.6ece (including) |
Realsecure_sentry | Iss | 3.6ecf (including) | 3.6ecf (including) |
Realsecure_server_sensor | Iss | 6.0 (including) | 6.0 (including) |
Realsecure_server_sensor | Iss | 6.0.1 (including) | 6.0.1 (including) |
Realsecure_server_sensor | Iss | 6.0.1_win_sr1.1 (including) | 6.0.1_win_sr1.1 (including) |
Realsecure_server_sensor | Iss | 6.5 (including) | 6.5 (including) |
Realsecure_server_sensor | Iss | 6.5-sr3.2 (including) | 6.5-sr3.2 (including) |
Realsecure_server_sensor | Iss | 6.5-sr3.3 (including) | 6.5-sr3.3 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.1 (including) | 6.5_win_sr3.1 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.4 (including) | 6.5_win_sr3.4 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.5 (including) | 6.5_win_sr3.5 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.6 (including) | 6.5_win_sr3.6 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.7 (including) | 6.5_win_sr3.7 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.8 (including) | 6.5_win_sr3.8 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.9 (including) | 6.5_win_sr3.9 (including) |
Realsecure_server_sensor | Iss | 6.5_win_sr3.10 (including) | 6.5_win_sr3.10 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.1 (including) | 7.0-xpu22.1 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.10 (including) | 7.0-xpu22.10 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.11 (including) | 7.0-xpu22.11 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.2 (including) | 7.0-xpu22.2 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.3 (including) | 7.0-xpu22.3 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.4 (including) | 7.0-xpu22.4 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.5 (including) | 7.0-xpu22.5 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.6 (including) | 7.0-xpu22.6 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.7 (including) | 7.0-xpu22.7 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.8 (including) | 7.0-xpu22.8 (including) |
Realsecure_server_sensor | Iss | 7.0-xpu22.9 (including) | 7.0-xpu22.9 (including) |