CVE Vulnerabilities

CVE-2004-1714

Published: Aug 11, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.

Affected Software

Name Vendor Start Version End Version
Blackice_pc_protection Iss 3.6cbd 3.6cbd
Blackice_pc_protection Iss 3.6cbr 3.6cbr
Blackice_pc_protection Iss 3.6cbz 3.6cbz
Blackice_pc_protection Iss 3.6cca 3.6cca
Blackice_pc_protection Iss 3.6ccb 3.6ccb
Blackice_pc_protection Iss 3.6ccc 3.6ccc
Blackice_pc_protection Iss 3.6ccd 3.6ccd
Blackice_pc_protection Iss 3.6cce 3.6cce
Blackice_pc_protection Iss 3.6ccf 3.6ccf
Blackice_pc_protection Iss 3.6ccg 3.6ccg
Blackice_server_protection Iss 3.5cdf 3.5cdf
Blackice_server_protection Iss 3.6cbz 3.6cbz
Blackice_server_protection Iss 3.6cca 3.6cca
Blackice_server_protection Iss 3.6ccb 3.6ccb
Blackice_server_protection Iss 3.6ccc 3.6ccc
Blackice_server_protection Iss 3.6ccd 3.6ccd
Blackice_server_protection Iss 3.6cce 3.6cce
Blackice_server_protection Iss 3.6ccf 3.6ccf
Blackice_server_protection Iss 3.6ccg 3.6ccg
Blackice_server_protection Iss 3.6cch 3.6cch
Blackice_server_protection Iss 3.6cno 3.6cno

References