Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
60 vulnerabilities by ISS
VAR-200403-0064
Vulnerability from variot - Updated: 2023-12-18 14:02Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username. Internet Security Systems' BlackICE and RealSecure intrusion detection products contain a remotely exploitable vulnerability. Exploitation of this vulnerability could lead to the compromise of the system with privileges of the vulnerable process, typically the "SYSTEM" user. The issue exists in the SMB parsing routines provided by the module and is due to insufficient bounds checking of protocol fields. This issue could potentially be exploited to execute arbitrary code on systems hosting the vulnerable software, potentially resulting in system compromise. RealSecure and BlackICE are host-based intrusion detection/prevention systems offered by ISS that identify and block network attacks and intrusions. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and execute arbitrary commands on the host with system privileges. Protocol Analysis Module (Protocol Analysis Module) is used to analyze network protocols to perform further analysis and attack detection. One of the supported protocols is the SMB protocol. SMB provides a mechanism for clients to remotely access resources such as files, printers, and named pipes. Because the PAM protocol analysis module lacks sufficient boundary checks in the parsing of \"Setup AndX\" SMB requests, the result can lead to remote attackers submitting SMB \"Setup AndX\" whose AccountName parameter contains a character string exceeding 300 bytes or longer " request, which can trigger a heap-based overflow. However, in some products, heap protection can detect these memory corruptions and restart PAM components to clean up the heap content. SMB parsing is state-based in PAM, and can only be triggered by establishing a real SMB connection with the server in the network through TCP/IP
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200403-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6cbd"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0epk"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6cbz"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "realsecure network",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6ecb"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0ebg"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.30"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.3"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "20.15"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.19"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.18"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.16"
},
{
"model": "security systems realsecure sentry ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ebr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.11"
},
{
"model": "security systems realsecure guard ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ebr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebh",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebg",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop eba",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop eca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.7"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.3"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.9"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.15"
},
{
"model": "security systems blackice server protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cbr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection .cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.9"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.3"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure sentry ecd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure guard ecd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebj",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ecd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "1.8"
},
{
"model": "security systems proventia a series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "22.10"
},
{
"model": "security systems blackice server protection ccd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "22.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network:7.0:xpu_20.15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu20.16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:20.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eEye info@eEye.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2004-0193",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-8623",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0193",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#150326",
"trust": 0.8,
"value": "12.12"
},
{
"author": "CNNVD",
"id": "CNNVD-200403-071",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8623",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username. Internet Security Systems\u0027 BlackICE and RealSecure intrusion detection products contain a remotely exploitable vulnerability. Exploitation of this vulnerability could lead to the compromise of the system with privileges of the vulnerable process, typically the \"SYSTEM\" user. The issue exists in the SMB parsing routines provided by the module and is due to insufficient bounds checking of protocol fields. \nThis issue could potentially be exploited to execute arbitrary code on systems hosting the vulnerable software, potentially resulting in system compromise. RealSecure and BlackICE are host-based intrusion detection/prevention systems offered by ISS that identify and block network attacks and intrusions. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and execute arbitrary commands on the host with system privileges. Protocol Analysis Module (Protocol Analysis Module) is used to analyze network protocols to perform further analysis and attack detection. One of the supported protocols is the SMB protocol. SMB provides a mechanism for clients to remotely access resources such as files, printers, and named pipes. Because the PAM protocol analysis module lacks sufficient boundary checks in the parsing of \\\"Setup AndX\\\" SMB requests, the result can lead to remote attackers submitting SMB \\\"Setup AndX\\\" whose AccountName parameter contains a character string exceeding 300 bytes or longer \" request, which can trigger a heap-based overflow. However, in some products, heap protection can detect these memory corruptions and restart PAM components to clean up the heap content. SMB parsing is state-based in PAM, and can only be triggered by establishing a real SMB connection with the server in the network through TCP/IP",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "VULHUB",
"id": "VHN-8623"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#150326",
"trust": 3.3
},
{
"db": "BID",
"id": "9752",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2004-0193",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "10988",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "4072",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071",
"trust": 0.7
},
{
"db": "ISS",
"id": "20040226 VULNERABILITY IN SMB PARSING IN ISS PRODUCTS",
"trust": 0.6
},
{
"db": "EEYE",
"id": "AD20040226",
"trust": 0.6
},
{
"db": "XF",
"id": "15207",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040227 EEYE: REALSECURE/BLACKICE SERVER MESSAGE BLOCK (SMB) PROCESSING OVERFLOW",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8623",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"id": "VAR-200403-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8623"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:51.726000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.isskk.co.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.eeye.com/html/research/advisories/ad20040226.html"
},
{
"trust": 2.8,
"url": "http://xforce.iss.net/xforce/alerts/id/165"
},
{
"trust": 2.5,
"url": "http://www.eeye.com/html/research/upcoming/20040213.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9752"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/150326"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/4072"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/10988"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0193"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0193"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15207"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=107789851117176\u0026w=2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-27T00:00:00",
"db": "CERT/CC",
"id": "VU#150326"
},
{
"date": "2004-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-8623"
},
{
"date": "2004-02-26T00:00:00",
"db": "BID",
"id": "9752"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"date": "2004-03-15T05:00:00",
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"date": "2004-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-27T00:00:00",
"db": "CERT/CC",
"id": "VU#150326"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-8623"
},
{
"date": "2004-02-26T00:00:00",
"db": "BID",
"id": "9752"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"date": "2017-10-10T01:30:19.173000",
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"date": "2005-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Security Systems\u0027 BlackICE and RealSecure contain a heap overflow in the processing of SMB packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "9752"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
],
"trust": 0.9
}
}
VAR-200607-0397
Vulnerability from variot - Updated: 2023-12-18 13:45The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. ISS The product includes 2006 Year 7 Monthly release XPU include "SMB_MailSlot_Heap_Overflow" Defect in decoding, certain legitimate SMB Mailslot When analyzing traffic, Protocol Analysis Module (PAM) Engine stops responding to subsequent traffic and disrupts service operation (DoS) There is a vulnerability that becomes a condition.ISS Protection product interferes with service operation (DoS) It may be in a state. The Internet Security Systems implementation of SMB/TCP Mailslot is prone to a denial-of-service vulnerability. This issue is due to a design error when dealing with certain legitimate SMB Mailslot traffic. An attacker can exploit this issue to crash the affected service, effectively denying service to legitimate users. ISS is an internationally renowned security vendor that provides a variety of firewalls and intrusion detection devices. An attacker only needs to send a single packet to trigger this vulnerability without actually establishing an SMB session.
Hardcore Disassembler / Reverse Engineer Wanted!
Want to work with IDA and BinDiff? Want to write PoC's and Exploits?
Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package.
Successful exploitation causes the application or system to stop responding.
SOLUTION: Update to a fixed version (see vendor advisory for details).
ORIGINAL ADVISORY: ISS: http://xforce.iss.net/xforce/alerts/id/230 https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630
NSFocus: http://www.nsfocus.com/english/homepage/research/0607.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. NSFOCUS Security Advisory (SA2006-07)
ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability
Release Date: 2006-07-27
CVE ID: CVE-2006-3840
http://www.nsfocus.com/english/homepage/research/0607.htm
Affected systems & software
RealSecure Network Sensor 7.0 Proventia A Series Proventia G Series Proventia M Series RealSecure Server Sensor 7.0 Proventia Server RealSecure Desktop 7.0 Proventia Desktop BlackICE PC Protection 3.6 BlackICE Server Protection 3.6
Unaffected systems & software
Summary
NSFocus Security Team discovered a remote DoS vulnerability in ISS RealSecure/ BlackICE products lines' detection of MailSlot Heap Overflow (MS06-035). By sending a specific SMB MailSlot packet it's possible to cause DoS in ISS protection products.
Description
There is a DoS vulnerability in ISS protection products' detection of SMB_MailSlot_Heap_Overflow (MS06-035/KB917159). By sending a specific SMB MailSlot packet it's possible to cause an infinite loop to occur in the detection code, and the ISS product or even the operating system will stop to respond. For example, for BlackICE the vulnerability might cause the inerruption of the network traffic, and an approximately 100% CPU utilization. STOP BlackICE engine will not restore normal operation. Instead OS restart is required.
This vulnerability can be triggered by a single packet. The establishment of a real SMB session is not required.
Workaround
Block ports TCP/445 and TCP/139 at the firewall.
Vendor Status
2006.07.24 Informed the vendor 2006.07.25 Vendor confirmed the vulnerability 2006.07.26 ISS has released a security alert and related patches.
For more details about the security alert, please refer to: http://xforce.iss.net/xforce/alerts/id/230
ISS has released the following XPUs to fix this vulnerability:
RealSecure Network 7.0, XPU 24.40 Proventia A Series, XPU 24.40 Proventia G Series, XPU 24.40/1.79 Proventia M Series, XPU 1.79 RealSecure Server Sensor 7.0, XPU 24.40 Proventia Server 1.0.914.1880 RealSecure Desktop 7.0 epk Proventia Desktop 8.0.812.1790/8.0.675.1790 BlackICE PC Protection 3.6 cpk BlackICE Server Protection 3.6 cpk
Additional Information
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-3840 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. Candidates may change significantly before they become official CVE entries.
Acknowledgment
Chen Qing of NSFocus Security Team found the vulnerability.
DISCLAIMS
THE INFORMATION PROVIDED IS RELEASED BY NSFOCUS "AS IS" WITHOUT WARRANTY OF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED, EXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL NSFOCUS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF NSFOCUS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. DISTRIBUTION OR REPRODUCTION OF THE INFORMATION IS PROVIDED THAT THE ADVISORY IS NOT MODIFIED IN ANY WAY.
Copyright 1999-2006 NSFOCUS. All Rights Reserved. Terms of use.
NSFOCUS Security Team security@nsfocus.com NSFOCUS INFORMATION TECHNOLOGY CO.,LTD (http://www.nsfocus.com)
PGP Key: http://www.nsfocus.com/homepage/research/pgpkey.asc Key fingerprint = F8F2 F5D1 EF74 E08C 02FE 1B90 D7BF 7877 C6A6 F6DA
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6cpk"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0epk"
},
{
"model": "proventia desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "8.0.675.1790"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6cpk"
},
{
"model": "realsecure network",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "proventia desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "8.0.812.1790"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "*"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "*"
},
{
"model": "proventia server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.0.914.1880"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "*"
},
{
"model": "blackice pc protection",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 cpk"
},
{
"model": "blackice server protection",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 cpk"
},
{
"model": "proventia a series",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 24.40"
},
{
"model": "proventia desktop",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "8.0.812.1790"
},
{
"model": "proventia g series",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 24.40/1.79"
},
{
"model": "proventia m series",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 1.79"
},
{
"model": "proventia server",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "for linux xpu 1.79"
},
{
"model": "realsecure desktop",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0 epk"
},
{
"model": "realsecure network sensor",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0 xpu 24.40"
},
{
"model": "realsecure server sensor",
"scope": "lt",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0 xpu 24.40"
},
{
"model": "proventia g series xpu",
"scope": null,
"trust": 0.6,
"vendor": "iss",
"version": null
},
{
"model": "proventia a series xpu",
"scope": null,
"trust": 0.6,
"vendor": "iss",
"version": null
},
{
"model": "proventia m series xpu",
"scope": null,
"trust": 0.6,
"vendor": "iss",
"version": null
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.8"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.7"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.6"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.5"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.4"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.3"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.2"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.12"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.11"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.1"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.19"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.18"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.16"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.4"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.8"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.7"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.6"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.12"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.11"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebm",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebl",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebk",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebj",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebh",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebg",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop eba",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.9"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.8"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.7"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.5"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.4"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.3"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.2"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.10"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.1"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.9"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.10"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.15"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.14"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.13"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.12"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.11"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.8"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.7"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.6"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.5"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.4"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.3"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.2"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.1"
},
{
"model": "security systems blackice server protection coq",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cop",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coo",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection con",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection com",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection col",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cok",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coj",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coi",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coh",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cog",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cof",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coe",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cod",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cob",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection coa",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cch",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccg",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cce",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection .cno",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cch",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccg",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cce",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cbr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cbd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection .cno",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection .cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.9"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.8"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.7"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.6"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.5"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.4"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.3"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.2"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.12"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.11"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.10"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.1"
}
],
"sources": [
{
"db": "BID",
"id": "19178"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_server:1.0.914.1880:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3840"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nsfocus Security team security@nsfocus.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
],
"trust": 0.6
},
"cve": "CVE-2006-3840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-3840",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-19948",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-3840",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-462",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-19948",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19948"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. ISS The product includes 2006 Year 7 Monthly release XPU include \"SMB_MailSlot_Heap_Overflow\" Defect in decoding, certain legitimate SMB Mailslot When analyzing traffic, Protocol Analysis Module (PAM) Engine stops responding to subsequent traffic and disrupts service operation (DoS) There is a vulnerability that becomes a condition.ISS Protection product interferes with service operation (DoS) It may be in a state. The Internet Security Systems implementation of SMB/TCP Mailslot is prone to a denial-of-service vulnerability. This issue is due to a design error when dealing with certain legitimate SMB Mailslot traffic. \nAn attacker can exploit this issue to crash the affected service, effectively denying service to legitimate users. ISS is an internationally renowned security vendor that provides a variety of firewalls and intrusion detection devices. An attacker only needs to send a single packet to trigger this vulnerability without actually establishing an SMB session. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer Wanted!\n\nWant to work with IDA and BinDiff?\nWant to write PoC\u0027s and Exploits?\n\nYour nationality is not important. \nWe will get you a work permit, find an apartment, and offer a\nrelocation compensation package. \n\nSuccessful exploitation causes the application or system to stop\nresponding. \n\nSOLUTION:\nUpdate to a fixed version (see vendor advisory for details). \n\nORIGINAL ADVISORY:\nISS:\nhttp://xforce.iss.net/xforce/alerts/id/230\nhttps://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630\n\nNSFocus:\nhttp://www.nsfocus.com/english/homepage/research/0607.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. NSFOCUS Security Advisory (SA2006-07)\n\nISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability\n\nRelease Date: 2006-07-27\n\nCVE ID: CVE-2006-3840\n\nhttp://www.nsfocus.com/english/homepage/research/0607.htm\n\nAffected systems \u0026 software\n===================\n\nRealSecure Network Sensor 7.0\nProventia A Series\nProventia G Series\nProventia M Series\nRealSecure Server Sensor 7.0\nProventia Server\nRealSecure Desktop 7.0\nProventia Desktop\nBlackICE PC Protection 3.6\nBlackICE Server Protection 3.6\n\nUnaffected systems \u0026 software\n===================\n\n\nSummary\n=========\n\nNSFocus Security Team discovered a remote DoS vulnerability in ISS RealSecure/\nBlackICE products lines\u0027 detection of MailSlot Heap Overflow (MS06-035). By\nsending a specific SMB MailSlot packet it\u0027s possible to cause DoS in ISS\nprotection products. \n\nDescription\n============\n\nThere is a DoS vulnerability in ISS protection products\u0027 detection of SMB_MailSlot_Heap_Overflow\n(MS06-035/KB917159). By sending a specific SMB MailSlot packet it\u0027s possible\nto cause an infinite loop to occur in the detection code, and the ISS product \nor even the operating system will stop to respond. For example, for BlackICE \nthe vulnerability might cause the inerruption of the network traffic, \nand an approximately 100% CPU utilization. STOP BlackICE engine will not restore\nnormal operation. Instead OS restart is required. \n\nThis vulnerability can be triggered by a single packet. The establishment of \na real SMB session is not required. \n\nWorkaround\n=============\n\nBlock ports TCP/445 and TCP/139 at the firewall. \n \nVendor Status\n==============\n\n2006.07.24 Informed the vendor\n2006.07.25 Vendor confirmed the vulnerability\n2006.07.26 ISS has released a security alert and related patches. \n \nFor more details about the security alert, please refer to:\nhttp://xforce.iss.net/xforce/alerts/id/230\n\nISS has released the following XPUs to fix this vulnerability:\n\nRealSecure Network 7.0, XPU 24.40\nProventia A Series, XPU 24.40\nProventia G Series, XPU 24.40/1.79\nProventia M Series, XPU 1.79\nRealSecure Server Sensor 7.0, XPU 24.40\nProventia Server 1.0.914.1880\nRealSecure Desktop 7.0 epk\nProventia Desktop 8.0.812.1790/8.0.675.1790\nBlackICE PC Protection 3.6 cpk\nBlackICE Server Protection 3.6 cpk\n\nAdditional Information\n========================\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2006-3840 to this issue. This is a candidate for inclusion in the \nCVE list (http://cve.mitre.org), which standardizes names for security problems. \nCandidates may change significantly before they become official CVE entries. \n\nAcknowledgment\n===============\n\nChen Qing of NSFocus Security Team found the vulnerability. \n\nDISCLAIMS\n==========\nTHE INFORMATION PROVIDED IS RELEASED BY NSFOCUS \"AS IS\" WITHOUT WARRANTY\nOF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED,\nEXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL NSFOCUS\nBE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,\nINCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES,\nEVEN IF NSFOCUS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. \nDISTRIBUTION OR REPRODUCTION OF THE INFORMATION IS PROVIDED THAT THE\nADVISORY IS NOT MODIFIED IN ANY WAY. \n\nCopyright 1999-2006 NSFOCUS. All Rights Reserved. Terms of use. \n\n\nNSFOCUS Security Team \u003csecurity@nsfocus.com\u003e\nNSFOCUS INFORMATION TECHNOLOGY CO.,LTD\n(http://www.nsfocus.com)\n\nPGP Key: http://www.nsfocus.com/homepage/research/pgpkey.asc\nKey fingerprint = F8F2 F5D1 EF74 E08C 02FE 1B90 D7BF 7877 C6A6 F6DA\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"db": "BID",
"id": "19178"
},
{
"db": "VULHUB",
"id": "VHN-19948"
},
{
"db": "PACKETSTORM",
"id": "48616"
},
{
"db": "PACKETSTORM",
"id": "48652"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-3840",
"trust": 2.9
},
{
"db": "BID",
"id": "19178",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1016591",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1016592",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1016590",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "21219",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-2996",
"trust": 1.7
},
{
"db": "XF",
"id": "27965",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462",
"trust": 0.7
},
{
"db": "ISS",
"id": "20060726 PROTOCOL PARSING BUG IN SMB MAILSLOT PARSING IN ISS PRODUCTS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060727 NSFOCUS SA2006-07 : ISS REALSECURE/BLACKICE MAILSLOT HEAP OVERFLOW DETECTION REMOTE DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "48652",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-19948",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48616",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19948"
},
{
"db": "BID",
"id": "19178"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"db": "PACKETSTORM",
"id": "48616"
},
{
"db": "PACKETSTORM",
"id": "48652"
},
{
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"id": "VAR-200607-0397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19948"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:45:17.531000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "3630",
"trust": 0.8,
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"title": "230",
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"title": "smb_mailslot_230",
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/smb_mailslot_230.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19948"
},
{
"db": "NVD",
"id": "CVE-2006-3840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/19178"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1016590"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1016591"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1016592"
},
{
"trust": 2.1,
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"trust": 1.9,
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21219"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2006/2996"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/27965"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3840"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-3840"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/smb_mailslot_230.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/441278/100/0/threaded"
},
{
"trust": 0.3,
"url": "/archive/1/441278"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21219/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2356/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2348/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1702/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2160/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/465/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11161/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2349/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5689/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2363/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2347/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3840"
},
{
"trust": 0.1,
"url": "http://www.nsfocus.com/homepage/research/pgpkey.asc"
},
{
"trust": 0.1,
"url": "http://www.nsfocus.com)"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19948"
},
{
"db": "BID",
"id": "19178"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"db": "PACKETSTORM",
"id": "48616"
},
{
"db": "PACKETSTORM",
"id": "48652"
},
{
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19948"
},
{
"db": "BID",
"id": "19178"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"db": "PACKETSTORM",
"id": "48616"
},
{
"db": "PACKETSTORM",
"id": "48652"
},
{
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-27T00:00:00",
"db": "VULHUB",
"id": "VHN-19948"
},
{
"date": "2006-07-26T00:00:00",
"db": "BID",
"id": "19178"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"date": "2006-07-28T01:04:26",
"db": "PACKETSTORM",
"id": "48616"
},
{
"date": "2006-07-28T03:19:00",
"db": "PACKETSTORM",
"id": "48652"
},
{
"date": "2006-07-27T11:04:00",
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"date": "2006-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-19948"
},
{
"date": "2006-07-28T23:22:00",
"db": "BID",
"id": "19178"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000458"
},
{
"date": "2018-10-17T21:31:50.767000",
"db": "NVD",
"id": "CVE-2006-3840"
},
{
"date": "2006-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "48652"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS Product SMB Mailslot Service disruption in analysis (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000458"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-462"
}
],
"trust": 0.6
}
}
VAR-200310-0075
Vulnerability from variot - Updated: 2023-12-18 13:35Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. This vulnerability could be exploited to crash the underlying Microsoft IIS web server. It should be noted that the service may be automatically restarted. It is not known if this issue affects other platforms or can be exploited to crash other underlying web server implementations. The researchers who discovered this vulnerability are currently investigating the possibility of exploiting this issue to execute arbitrary code, though sufficient details are not available regarding this at the time of writing. This BID will be updated if more details become available. RealSecure Server Sensor is a set of intrusion detection and immediate response system based on host-base and network-base. Remote attackers can exploit this vulnerability to perform denial-of-service attacks on services. It's unclear if other platforms are affected by the vulnerability. [enteredgelogo.jpg]
EnterEdge Technology takes a holistic approach to ensuring the Confidentiality, Integrity and Availability of data. By
combining best-of-breed technology with security expertise, education and managed security services, EnterEdge helps
organizations lower costs and improve efficiencies.
By simply sending a properly formatted URL via SSL, the ISAPI filter will crash IIS shutting down the service entirely.
We are currently testing this vulnerability in XPU 20.16 and 20.18 for remote code execution or code redirection.
We contacted ISS on or about August 14th concerning this issue. ISS has since released XPU 20.19 which addresses this specific issue.
Credit: EnterEdge Technology, LLC
Copyright (c) 1998-2003 EnterEdge Technology Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of EnterEdge Technology. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please e-mail research@enteredge.com for permission.
Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.
Feedback Please send suggestions, updates, and comments to: research@enteredge.com EnterEdge Technology http://www.enteredge.com
Copyright \xa9 2001 EnterEdge Technology, LLC 5500 Interstate N. Pkwy Suite 440 Atlanta, GA 30328
Phone: 770.955.9899 Fax 770.955.9896
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.18"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.16"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.19"
}
],
"sources": [
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu20.16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu20.18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0702"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EnterEdge Technology",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0702",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2003-0702",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-7527",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0702",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7527",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. This vulnerability could be exploited to crash the underlying Microsoft IIS web server. It should be noted that the service may be automatically restarted. \nIt is not known if this issue affects other platforms or can be exploited to crash other underlying web server implementations. \nThe researchers who discovered this vulnerability are currently investigating the possibility of exploiting this issue to execute arbitrary code, though sufficient details are not available regarding this at the time of writing. This BID will be updated if more details become available. RealSecure Server Sensor is a set of intrusion detection and immediate response system based on host-base and network-base. Remote attackers can exploit this vulnerability to perform denial-of-service attacks on services. It\u0027s unclear if other platforms are affected by the vulnerability. \n [enteredgelogo.jpg]\n \n \n EnterEdge Technology takes a holistic approach to ensuring the Confidentiality, Integrity and Availability of data. By\n combining best-of-breed technology with security expertise, education and managed security services, EnterEdge helps\n organizations lower costs and improve efficiencies. \n\n By simply sending a properly formatted URL via SSL, the ISAPI filter will crash IIS shutting down the service entirely. \n\n We are currently testing this vulnerability in XPU 20.16 and 20.18 for remote code execution or code redirection. \n\n We contacted ISS on or about August 14th concerning this issue. ISS has since released XPU 20.19 which addresses this\n specific issue. \n\n Credit: EnterEdge Technology, LLC\n\n Copyright (c) 1998-2003 EnterEdge Technology\n Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way\n without express consent of EnterEdge Technology. If you wish to reprint the whole or any part of this alert in any other\n medium excluding electronic medium, please e-mail research@enteredge.com for permission. \n\n Disclaimer\n The information within this paper may change without notice. Use of this information constitutes acceptance for use in an\n AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any\n damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this\n information is at the user\u0027s own risk. \n\n Feedback\n Please send suggestions, updates, and comments to: research@enteredge.com\n EnterEdge Technology http://www.enteredge.com\n\n Copyright \\xa9 2001 EnterEdge Technology, LLC 5500 Interstate N. Pkwy Suite 440 Atlanta, GA 30328\n Phone: 770.955.9899 Fax 770.955.9896\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "PACKETSTORM",
"id": "31598"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7527",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0702",
"trust": 2.9
},
{
"db": "XF",
"id": "13088",
"trust": 1.4
},
{
"db": "BID",
"id": "8550",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20030905 ISS SERVER SENSOR DENIAL OF SERVICE",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31598",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-7527",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "PACKETSTORM",
"id": "31598"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"id": "VAR-200310-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:35:51.430000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.isskk.co.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0702"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.enteredge.com/research/can-2003-0702.asp"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/13088"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13088"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106278164225389\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0702"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0702"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/8550"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106278164225389\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.iss.net/products_services/enterprise_protection/rsserver/protector_server.php"
},
{
"trust": 0.3,
"url": "/archive/1/336307"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106278164225389\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0702"
},
{
"trust": 0.1,
"url": "http://www.enteredge.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "PACKETSTORM",
"id": "31598"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "PACKETSTORM",
"id": "31598"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-7527"
},
{
"date": "2003-09-05T00:00:00",
"db": "BID",
"id": "8550"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"date": "2003-09-09T03:28:46",
"db": "PACKETSTORM",
"id": "31598"
},
{
"date": "2003-10-20T04:00:00",
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"date": "2003-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7527"
},
{
"date": "2009-07-11T23:56:00",
"db": "BID",
"id": "8550"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"date": "2017-07-11T01:29:35.337000",
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS RealSecure Server Sensor In URL request Service disruption due to incomplete processing (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
],
"trust": 0.6
}
}
VAR-200404-0032
Vulnerability from variot - Updated: 2023-12-18 13:31Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm. The Protocol Analysis Module (PAM) used by Internet Security Systems (ISS) intrusion detection and prevention products does not properly handle ICQ server response messages. An unauthenticated, remote attacker could execute arbitrary code by sending a specially crafted UDP packet. This issue exists due to insufficient bounds checking performed on certain unspecified ICQ protocol fields supplied in ICQ response data. This attack would occur in the context of the vulnerable process. This module is used to parse network protocols and is included in a number of products provided by ISS, including various RealSecure and BlackICE releases. To call these affected functions, an attacker simply needs to construct an SRV_USER_ONLINE reply containing two nested reply packets. Attackers can forge data frames and send them to networks, devices, and hosts protected by ISS products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200404-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "22.2"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "20.11"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "22.1"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "22.3"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0eba"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.0.1_win_sr1.1"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ebz"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecb"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0ebf"
},
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ece"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.1"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.3"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.9"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.7"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.6"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ebz"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.5"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0ebk"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.5"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecb"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecd"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0ebg"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.5"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.2"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.8"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ebz"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.9"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.10"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.8"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.9"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ece"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0ebh"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccd"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.10"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccd"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecc"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ece"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.3"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecd"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.6"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.0.1"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.2"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccf"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccb"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.7"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.1"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccf"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccb"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecc"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecd"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.8"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ece"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.0"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6cce"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.1"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6cce"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecb"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6cca"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.7"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6cca"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.4"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.11"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ebz"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0ebl"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecc"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecd"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.6"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.4"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.6"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.8"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.5"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.7"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0ebj"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.4"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6cbz"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6cbz"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccc"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ccc"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.10"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.4"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.5_win_sr3.9"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "3.6ecb"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": "blackice agent for server",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 ecf before"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 ccf before"
},
{
"model": "blackice server protection",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 ccf before"
},
{
"model": "proventia a series",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 22.11 before"
},
{
"model": "proventia g series",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 22.11 before"
},
{
"model": "proventia m series",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 1.9 before"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 ecf before"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0 ebl before"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 ecf before"
},
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 22.11 before"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "3.6 ecf before"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "6.5 for windows sr 3.10 before"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "xpu 22.11 before"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.8"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.7"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.6"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.5"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.4"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.3"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.2"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.11"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.1"
},
{
"model": "security systems realsecure server sensor win sr3.9",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.8",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.7",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.5",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.4",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.10",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win sr1.1",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0.1"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0.1"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0"
},
{
"model": "security systems realsecure sentry ecd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ecf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ece",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ecc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry eca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ebz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.4"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.11"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure guard ecd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ecf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ece",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ecc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard eca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ebz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebl",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebk",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebj",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebh",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebg",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop eba",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ecf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ece",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ecd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop eca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.9"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.8"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.7"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.5"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.4"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.3"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.2"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.1"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.9"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.10"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.11"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.8"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.7"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.6"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.5"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.4"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.3"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.2"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.1"
},
{
"model": "security systems blackice server protection ccf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cce",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cce",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection .cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ecf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ece",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ecd",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ecc",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server eca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ebz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.9"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.8"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.7"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.6"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.5"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.4"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.3"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.2"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.11"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.10"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.1"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.12"
},
{
"model": "security systems realsecure server sensor win sr3.11",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.12"
},
{
"model": "security systems realsecure guard ecg",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebm",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ecg",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "1.10"
},
{
"model": "security systems proventia a series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "20.12"
},
{
"model": "security systems blackice server protection ccg",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccg",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice agent for server ecg",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "22.12"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#947254"
},
{
"db": "BID",
"id": "9913"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6ecd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6ece:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6ebz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebh:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ecd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ece:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ebz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6eca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1_win_sr1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6ecf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6ecb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6ecd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebj:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ecf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ecb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ecc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.2:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6ebz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6ece:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebl:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ebz:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6eca:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_20.11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ecd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ece:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.3:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6ecb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent_server:3.6ecc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0eba:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0ebf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_guard:3.6ecc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:20.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:22.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:22.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0362"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eEye info@eEye.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0362",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2004-0362",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-8792",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0362",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#947254",
"trust": 0.8,
"value": "30.44"
},
{
"author": "CNNVD",
"id": "CNNVD-200404-038",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8792",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#947254"
},
{
"db": "VULHUB",
"id": "VHN-8792"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm. The Protocol Analysis Module (PAM) used by Internet Security Systems (ISS) intrusion detection and prevention products does not properly handle ICQ server response messages. An unauthenticated, remote attacker could execute arbitrary code by sending a specially crafted UDP packet. This issue exists due to insufficient bounds checking performed on certain unspecified ICQ protocol fields supplied in ICQ response data. This attack would occur in the context of the vulnerable process. \nThis module is used to parse network protocols and is included in a number of products provided by ISS, including various RealSecure and BlackICE releases. To call these affected functions, an attacker simply needs to construct an SRV_USER_ONLINE reply containing two nested reply packets. Attackers can forge data frames and send them to networks, devices, and hosts protected by ISS products",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"db": "CERT/CC",
"id": "VU#947254"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"db": "BID",
"id": "9913"
},
{
"db": "VULHUB",
"id": "VHN-8792"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8792",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8792"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "9913",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#947254",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "11073",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "4355",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0362",
"trust": 2.5
},
{
"db": "XF",
"id": "15442",
"trust": 1.4
},
{
"db": "XF",
"id": "15543",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200404-038",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040318 EEYE: INTERNET SECURITY SYSTEMS PAM ICQ SERVER RESPONSE PROCESSING VULNERABILITY",
"trust": 0.6
},
{
"db": "ISS",
"id": "20040318 VULNERABILITY IN ICQ PARSING IN ISS PRODUCTS",
"trust": 0.6
},
{
"db": "EEYE",
"id": "AD20040318",
"trust": 0.6
},
{
"db": "CIAC",
"id": "O-104",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "83212",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "168",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16464",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88874",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-70978",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8792",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#947254"
},
{
"db": "VULHUB",
"id": "VHN-8792"
},
{
"db": "BID",
"id": "9913"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"id": "VAR-200404-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8792"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:31:00.683000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "167",
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/167"
},
{
"title": "166",
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/166"
},
{
"title": "ICQ_ISS_166",
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/icq_iss_166.html"
},
{
"title": "Witty_167",
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/witty_167.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0362"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://xforce.iss.net/xforce/alerts/id/166"
},
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/9913"
},
{
"trust": 2.8,
"url": "http://www.eeye.com/html/research/advisories/ad20040318.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/947254"
},
{
"trust": 2.5,
"url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
},
{
"trust": 2.5,
"url": "http://www.osvdb.org/4355"
},
{
"trust": 1.9,
"url": "http://xforce.iss.net/xforce/alerts/id/167"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11073"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/15543"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/15442"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/upcoming/20040308.html"
},
{
"trust": 0.8,
"url": "http://www.iss.net/download/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/11073/"
},
{
"trust": 0.8,
"url": "http://www.caida.org/research/security/witty/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0362"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trciac-o-104"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0362"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/icq_iss_166.html"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/witty_167.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=107965651712378\u0026w=2"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/cf012333dc243844422b2f4849ac394c.html"
},
{
"trust": 0.3,
"url": "/archive/1/357916"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=107965651712378\u0026amp;w=2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#947254"
},
{
"db": "VULHUB",
"id": "VHN-8792"
},
{
"db": "BID",
"id": "9913"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#947254"
},
{
"db": "VULHUB",
"id": "VHN-8792"
},
{
"db": "BID",
"id": "9913"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-03-20T00:00:00",
"db": "CERT/CC",
"id": "VU#947254"
},
{
"date": "2004-04-15T00:00:00",
"db": "VULHUB",
"id": "VHN-8792"
},
{
"date": "2004-03-18T00:00:00",
"db": "BID",
"id": "9913"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"date": "2004-04-15T04:00:00",
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"date": "2004-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-12T00:00:00",
"db": "CERT/CC",
"id": "VU#947254"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8792"
},
{
"date": "2004-03-18T00:00:00",
"db": "BID",
"id": "9913"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000089"
},
{
"date": "2017-07-11T01:30:06.120000",
"db": "NVD",
"id": "CVE-2004-0362"
},
{
"date": "2006-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Security Systems Protocol Analysis Module (PAM) does not properly handle ICQ server response messages",
"sources": [
{
"db": "CERT/CC",
"id": "VU#947254"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200404-038"
}
],
"trust": 0.6
}
}
VAR-200205-0034
Vulnerability from variot - Updated: 2023-12-18 13:05Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. Internet Security Systems's BlackICE Defender, BlackICE Agent and RealSecure Server Sensor, are network intrusion detection systems which run in Microsoft Windows environments. A buffer overflow condition has been reported in these products which can be exploited by a remote user. Exploitation is achievable via a ping flood attack. Sending a series of large Echo Request (ping) packets to a target host will trigger the overflow. It is possible to execute arbitrary code with kernel-level privileges. Only Windows 2000 and XP hosts are affected by this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0034",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "blackice agent",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.0"
},
{
"model": "blackice defender",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "2.9cap"
},
{
"model": "blackice defender",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "2.9"
},
{
"model": "blackice defender",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "2.9caq"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "6.0.1"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "6.5"
},
{
"model": "blackice agent",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.1"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0.1"
},
{
"model": "security systems blackice defender caq",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
},
{
"model": "security systems blackice defender cap",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
},
{
"model": "security systems blackice defender",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
},
{
"model": "security systems blackice agent",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.1"
},
{
"model": "security systems blackice agent",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.0"
},
{
"model": "security systems blackice defender car",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
}
],
"sources": [
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_defender:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_defender:2.9cap:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_defender:2.9caq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0237"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Taylor\u203b quisit@quest.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0237",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4630",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0237",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-101",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4630",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. Internet Security Systems\u0027s BlackICE Defender, BlackICE Agent and RealSecure Server Sensor, are network intrusion detection systems which run in Microsoft Windows environments. \nA buffer overflow condition has been reported in these products which can be exploited by a remote user. Exploitation is achievable via a ping flood attack. \nSending a series of large Echo Request (ping) packets to a target host will trigger the overflow. \nIt is possible to execute arbitrary code with kernel-level privileges. Only Windows 2000 and XP hosts are affected by this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "VULHUB",
"id": "VHN-4630"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4025",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-0237",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020204 VULNERABILITY IN BLACK ICE DEFENDER",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020209 ALERT: ISS BLACKICE KERNEL OVERFLOW EXPLOITABLE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020206 BLACK ICE PING VULNERABILITY SIDE NOTE",
"trust": 0.6
},
{
"db": "ISS",
"id": "20020204 DOS AND POTENTIAL OVERFLOW VULNERABILITY IN BLACKICE PRODUCTS",
"trust": 0.6
},
{
"db": "NTBUGTRAQ",
"id": "20020209 ALERT: ISS BLACKICE KERNEL OVERFLOW EXPLOITABLE",
"trust": 0.6
},
{
"db": "XF",
"id": "8058",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4630",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"id": "VAR-200205-0034",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:05:36.078000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0237"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4025"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/alerts/advise109.php"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8058.php"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101286393404301\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101302424803268\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101321744807452\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=ntbugtraq\u0026m=101353165915171\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101321744807452\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=ntbugtraq\u0026m=101353165915171\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101302424803268\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101286393404301\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.networkice.com/products/blackice_defender.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-29T00:00:00",
"db": "VULHUB",
"id": "VHN-4630"
},
{
"date": "2002-02-04T00:00:00",
"db": "BID",
"id": "4025"
},
{
"date": "2002-05-29T04:00:00",
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"date": "2002-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-4630"
},
{
"date": "2002-02-04T00:00:00",
"db": "BID",
"id": "4025"
},
{
"date": "2016-10-18T02:17:24.837000",
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS BlackICE and RealSecure Remote denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "4025"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.9
}
}
VAR-200110-0073
Vulnerability from variot - Updated: 2023-12-18 12:53Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL. Multiple intrusion detection systems may be circumvented via %u encoding allowing intruders to launch attacks undetected. The Microsoft IIS web server supports a non-standard method of encoding web requests. If there is no webserver support for this encoding method or if it is disabled, there will be no targets to which encoded attacks can be sent. NOTE: Only RealSecure, Dragon and Snort are confirmed vulnerable. It is highly likely that IDS systems from other vendors are vulnerable as well, however we have not recieved confirmation. This record will be updated as more information becomes available regarding affected technologies. BlackICE products detect '%u' encoded requests as being invalid, but do not decode them and detect encoded attack signatures
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "5.x"
},
{
"model": "dragon",
"scope": "eq",
"trust": 1.0,
"vendor": "enterasys",
"version": "4.x"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "5.5"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.0"
},
{
"model": "snort",
"scope": "eq",
"trust": 1.0,
"vendor": "snort",
"version": "1.8.1"
},
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "6.x"
},
{
"model": "secure intrusion detection system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "catalyst 6000 intrusion detection system module",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "enterasys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the snort",
"version": null
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.8"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.7"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.6.3"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.6.2"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.6.1"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.6"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.5.2"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.5.1"
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "1.5"
},
{
"model": "network intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "nfr",
"version": "5.0"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.5.2"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.5.1"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.5"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.0"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.5.2"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.5.1"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.5"
},
{
"model": "security systems realsecure network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "5.0"
},
{
"model": "dragon ids",
"scope": "eq",
"trust": 0.3,
"vendor": "enterasys",
"version": "4.0"
},
{
"model": "secure ids network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "secure ids host sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "catalyst ids module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "project snort",
"scope": "ne",
"trust": 0.3,
"vendor": "snort",
"version": "1.8.1"
},
{
"model": "security systems realsecure server sensor win",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "6.0.1"
},
{
"model": "dragon ids",
"scope": "ne",
"trust": 0.3,
"vendor": "enterasys",
"version": "5.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "secure ids network sensor s6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#548515"
},
{
"db": "BID",
"id": "3292"
},
{
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_intrusion_detection_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:5.x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_network_sensor:6.x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:catalyst_6000_intrusion_detection_system_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:enterasys:dragon:4.x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0669"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Credited to \u0027hsj\u0027 as being used in proof of concept code for an unrelated vulnerability.\n\nFurther research conducted by eEye Digital Security.",
"sources": [
{
"db": "BID",
"id": "3292"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
],
"trust": 0.9
},
"cve": "CVE-2001-0669",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-3478",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-0669",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#548515",
"trust": 0.8,
"value": "13.13"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-3478",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#548515"
},
{
"db": "VULHUB",
"id": "VHN-3478"
},
{
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard \"%u\" Unicode encoding of ASCII characters in the requested URL. Multiple intrusion detection systems may be circumvented via %u encoding allowing intruders to launch attacks undetected. The Microsoft IIS web server supports a non-standard method of encoding web requests. If there is no webserver support for this encoding method or if it is disabled, there will be no targets to which encoded attacks can be sent. \n**NOTE**: Only RealSecure, Dragon and Snort are confirmed vulnerable. It is highly likely that IDS systems from other vendors are vulnerable as well, however we have not recieved confirmation. This record will be updated as more information becomes available regarding affected technologies. \nBlackICE products detect \u0027%u\u0027 encoded requests as being invalid, but do not decode them and detect encoded attack signatures",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"db": "CERT/CC",
"id": "VU#548515"
},
{
"db": "BID",
"id": "3292"
},
{
"db": "VULHUB",
"id": "VHN-3478"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-3478",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3478"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3292",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#548515",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2001-0669",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20010905 CISCO SECURE INTRUSION DETECTION SYSTEM SIGNATURE OBFUSCATION VULNERABILITY",
"trust": 0.6
},
{
"db": "ISS",
"id": "20010905 MULTIPLE VENDOR IDS UNICODE BYPASS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20010905 %U ENCODING IDS BYPASS VULNERABILITY",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-74940",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21100",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-3478",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#548515"
},
{
"db": "VULHUB",
"id": "VHN-3478"
},
{
"db": "BID",
"id": "3292"
},
{
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"id": "VAR-200110-0073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3478"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:57.096000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0669"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/3292"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/548515"
},
{
"trust": 1.7,
"url": "http://xforce.iss.net/alerts/advise95.php"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=99972950200602\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/advisories/index.html"
},
{
"trust": 0.8,
"url": "http://www.iss.net/db_data/xpu/rs.php"
},
{
"trust": 0.8,
"url": "http://www.iss.net/eval/eval.php"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=99972950200602\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.enterasys.com/ids/"
},
{
"trust": 0.3,
"url": "http://www.eeye.com"
},
{
"trust": 0.3,
"url": "http://www.iss.net/securing_e-business/security_products/intrusion_detection/"
},
{
"trust": 0.3,
"url": "http://www.nfr.com/products/nid/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml"
},
{
"trust": 0.3,
"url": "http://www.snort.org"
},
{
"trust": 0.3,
"url": "http://www.iss.net/xforce"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=99972950200602\u0026amp;w=2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#548515"
},
{
"db": "VULHUB",
"id": "VHN-3478"
},
{
"db": "BID",
"id": "3292"
},
{
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#548515"
},
{
"db": "VULHUB",
"id": "VHN-3478"
},
{
"db": "BID",
"id": "3292"
},
{
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-09-07T00:00:00",
"db": "CERT/CC",
"id": "VU#548515"
},
{
"date": "2001-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-3478"
},
{
"date": "2001-09-05T00:00:00",
"db": "BID",
"id": "3292"
},
{
"date": "2001-10-30T05:00:00",
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"date": "2001-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-10-30T00:00:00",
"db": "CERT/CC",
"id": "VU#548515"
},
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-3478"
},
{
"date": "2001-09-05T00:00:00",
"db": "BID",
"id": "3292"
},
{
"date": "2016-10-18T02:11:41.187000",
"db": "NVD",
"id": "CVE-2001-0669"
},
{
"date": "2006-08-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple intrusion detection systems may be circumvented via %u encoding",
"sources": [
{
"db": "CERT/CC",
"id": "VU#548515"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "wrong environmental conditions",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-136"
}
],
"trust": 0.6
}
}
CVE-2003-5003 (GCVE-0-2003-5003)
Vulnerability from nvd – Published: 2022-03-28 20:45 – Updated: 2024-08-08 02:35 Unsupported When Assigned
VLAI
Title
ISS BlackICE PC Protection Update cross site scriting
Summary
A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
5 (Medium)
CWE
- CWE-80 - Basic Cross Site Scripting
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vuldb.com/?id.296 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ISS | BlackICE PC Protection |
Affected:
n/a
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackICE PC Protection",
"vendor": "ISS",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marc Ruef"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80 Basic Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-03T22:16:27.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.296"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "ISS BlackICE PC Protection Update cross site scriting",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2003-5003",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "ISS BlackICE PC Protection Update cross site scriting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackICE PC Protection",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "ISS"
}
]
}
},
"credit": "Marc Ruef",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.0",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.296",
"refsource": "MISC",
"url": "https://vuldb.com/?id.296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2003-5003",
"datePublished": "2022-03-28T20:45:46.000Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-5002 (GCVE-0-2003-5002)
Vulnerability from nvd – Published: 2022-03-28 20:45 – Updated: 2024-08-08 02:35 Unsupported When Assigned
VLAI
Title
ISS BlackICE PC Protection Update cleartext transmission
Summary
A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vuldb.com/?id.295 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ISS | BlackICE PC Protection |
Affected:
n/a
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:16.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackICE PC Protection",
"vendor": "ISS",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marc Ruef"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-03T22:16:21.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.295"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "ISS BlackICE PC Protection Update cleartext transmission",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2003-5002",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "ISS BlackICE PC Protection Update cleartext transmission"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackICE PC Protection",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "ISS"
}
]
}
},
"credit": "Marc Ruef",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "3.7",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.295",
"refsource": "MISC",
"url": "https://vuldb.com/?id.295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2003-5002",
"datePublished": "2022-03-28T20:45:44.000Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:16.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-5001 (GCVE-0-2003-5001)
Vulnerability from nvd – Published: 2022-03-28 20:45 – Updated: 2024-08-08 02:35 Unsupported When Assigned
VLAI
Title
ISS BlackICE PC Protection Cross Site Scripting Detection privileges management
Summary
A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
5.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.104 | x_refsource_MISC |
| http://www.computec.ch/mruef/advisories/black_ice… | x_refsource_MISC |
| http://www.cgisecurity.com/articles/xss-faq.shtml | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ISS | BlackICE PC Protection |
Affected:
n/a
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.104"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cgisecurity.com/articles/xss-faq.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackICE PC Protection",
"vendor": "ISS",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marc Ruef"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-03T22:16:30.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.104"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cgisecurity.com/articles/xss-faq.shtml"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "ISS BlackICE PC Protection Cross Site Scripting Detection privileges management",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2003-5001",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "ISS BlackICE PC Protection Cross Site Scripting Detection privileges management"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackICE PC Protection",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "ISS"
}
]
}
},
"credit": "Marc Ruef",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.104",
"refsource": "MISC",
"url": "https://vuldb.com/?id.104"
},
{
"name": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt",
"refsource": "MISC",
"url": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt"
},
{
"name": "http://www.cgisecurity.com/articles/xss-faq.shtml",
"refsource": "MISC",
"url": "http://www.cgisecurity.com/articles/xss-faq.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2003-5001",
"datePublished": "2022-03-28T20:45:43.000Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7725 (GCVE-0-2014-7725)
Vulnerability from nvd – Published: 2014-10-21 10:00 – Updated: 2024-08-06 12:56
VLAI
Summary
The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/399017 | third-party-advisoryx_refsource_CERT-VN |
| http://www.kb.cert.org/vuls/id/582497 | third-party-advisoryx_refsource_CERT-VN |
| https://docs.google.com/spreadsheets/d/1t5GXwjw82… | x_refsource_MISC |
Date Public
2014-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:56:12.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#399017",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-21T07:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#399017",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7725",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#399017",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-7725",
"datePublished": "2014-10-21T10:00:00.000Z",
"dateReserved": "2014-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:56:12.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2690 (GCVE-0-2007-2690)
Vulnerability from nvd – Published: 2007-05-16 01:00 – Updated: 2024-08-07 13:49
VLAI
Summary
Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/739224 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securitytracker.com/id?1018068 | vdb-entryx_refsource_SECTRACK |
| http://www.gamasec.net/english/gs07-01.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/468633/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-05-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#739224",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "1018068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018068"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#739224",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "1018068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018068"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#739224",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "1018068",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018068"
},
{
"name": "http://www.gamasec.net/english/gs07-01.html",
"refsource": "MISC",
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2690",
"datePublished": "2007-05-16T01:00:00.000Z",
"dateReserved": "2007-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:49:57.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7129 (GCVE-0-2006-7129)
Vulnerability from nvd – Published: 2007-03-06 01:00 – Updated: 2024-08-07 20:50
VLAI
Summary
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://securityreason.com/securityalert/2361 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/20546 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/30901 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/448763/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.matousec.com/info/advisories/BlackICE-… | x_refsource_MISC |
Date Public
2006-10-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:06.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
},
{
"name": "2361",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2361"
},
{
"name": "20546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20546"
},
{
"name": "30901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30901"
},
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
},
{
"name": "blackice-filelock-protection-bypass(29575)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
},
{
"name": "2361",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2361"
},
{
"name": "20546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20546"
},
{
"name": "30901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30901"
},
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
},
{
"name": "blackice-filelock-protection-bypass(29575)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
},
{
"name": "2361",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2361"
},
{
"name": "20546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20546"
},
{
"name": "30901",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30901"
},
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
},
{
"name": "blackice-filelock-protection-bypass(29575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
},
{
"name": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7129",
"datePublished": "2007-03-06T01:00:00.000Z",
"dateReserved": "2007-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:06.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4541 (GCVE-0-2006-4541)
Vulnerability from nvd – Published: 2006-09-05 23:00 – Updated: 2024-08-07 19:14
VLAI
Summary
RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/1512 | third-party-advisoryx_refsource_SREASON |
| http://www.osvdb.org/28332 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21710 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/444958/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19800 | vdb-entryx_refsource_BID |
| http://www.matousec.com/info/advisories/BlackICE-… | x_refsource_MISC |
| http://www.matousec.com/info/advisories/plague-in… | x_refsource_MISC |
| http://www.matousec.com/projects/windows-personal… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2006/3431 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/479830/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1512",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1512"
},
{
"name": "28332",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28332"
},
{
"name": "21710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21710"
},
{
"name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
},
{
"name": "19800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19800"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "ADV-2006-3431",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3431"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1512",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1512"
},
{
"name": "28332",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28332"
},
{
"name": "21710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21710"
},
{
"name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
},
{
"name": "19800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19800"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "ADV-2006-3431",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3431"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1512",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1512"
},
{
"name": "28332",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28332"
},
{
"name": "21710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21710"
},
{
"name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
},
{
"name": "19800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19800"
},
{
"name": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "ADV-2006-3431",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3431"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4541",
"datePublished": "2006-09-05T23:00:00.000Z",
"dateReserved": "2006-09-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3999 (GCVE-0-2006-3999)
Vulnerability from nvd – Published: 2006-08-05 01:00 – Updated: 2024-08-07 18:48
VLAI
Summary
ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1016618 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/441829/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1338 | third-party-advisoryx_refsource_SREASON |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016618"
},
{
"name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
},
{
"name": "1338",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016618"
},
{
"name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
},
{
"name": "1338",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016618",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016618"
},
{
"name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
},
{
"name": "1338",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3999",
"datePublished": "2006-08-05T01:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3840 (GCVE-0-2006-3840)
Vulnerability from nvd – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48
VLAI
Summary
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://iss.custhelp.com/cgi-bin/iss.cfg/php/endu… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/441278/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.nsfocus.com/english/homepage/research/… | x_refsource_MISC |
| http://secunia.com/advisories/21219 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2996 | vdb-entryx_refsource_VUPEN |
| http://securitytracker.com/id?1016592 | vdb-entryx_refsource_SECTRACK |
| http://xforce.iss.net/xforce/alerts/id/230 | third-party-advisoryx_refsource_ISS |
| http://www.securityfocus.com/bid/19178 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016590 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1016591 | vdb-entryx_refsource_SECTRACK |
Date Public
2006-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"name": "21219",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21219"
},
{
"name": "ADV-2006-2996",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"name": "1016592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016592"
},
{
"name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"name": "19178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19178"
},
{
"name": "1016590",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016590"
},
{
"name": "pam-smb-mailslot-dos(27965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"name": "1016591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"name": "21219",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21219"
},
{
"name": "ADV-2006-2996",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"name": "1016592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016592"
},
{
"name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"name": "19178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19178"
},
{
"name": "1016590",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016590"
},
{
"name": "pam-smb-mailslot-dos(27965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"name": "1016591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016591"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
"refsource": "CONFIRM",
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
"refsource": "MISC",
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"name": "21219",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21219"
},
{
"name": "ADV-2006-2996",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"name": "1016592",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016592"
},
{
"name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"name": "19178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19178"
},
{
"name": "1016590",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016590"
},
{
"name": "pam-smb-mailslot-dos(27965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"name": "1016591",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016591"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3840",
"datePublished": "2006-07-27T10:00:00.000Z",
"dateReserved": "2006-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2711 (GCVE-0-2005-2711)
Vulnerability from nvd – Published: 2006-03-24 02:00 – Updated: 2024-08-07 22:45
VLAI
Summary
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/17218 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1015820 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/24096 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2006/1090 | vdb-entryx_refsource_VUPEN |
| http://www.idefense.com/intelligence/vulnerabilit… | third-party-advisoryx_refsource_IDEFENSE |
| http://securitytracker.com/id?1015821 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/19327 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-03-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17218",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17218"
},
{
"name": "1015820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015820"
},
{
"name": "blackice-appprotection-privilege-escalation(25423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
},
{
"name": "24096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24096"
},
{
"name": "ADV-2006-1090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1090"
},
{
"name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
},
{
"name": "1015821",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015821"
},
{
"name": "19327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19327"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17218",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17218"
},
{
"name": "1015820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015820"
},
{
"name": "blackice-appprotection-privilege-escalation(25423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
},
{
"name": "24096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24096"
},
{
"name": "ADV-2006-1090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1090"
},
{
"name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
},
{
"name": "1015821",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015821"
},
{
"name": "19327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19327"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17218"
},
{
"name": "1015820",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015820"
},
{
"name": "blackice-appprotection-privilege-escalation(25423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
},
{
"name": "24096",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24096"
},
{
"name": "ADV-2006-1090",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1090"
},
{
"name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
},
{
"name": "1015821",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015821"
},
{
"name": "19327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19327"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2711",
"datePublished": "2006-03-24T02:00:00.000Z",
"dateReserved": "2005-08-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-5003 (GCVE-0-2003-5003)
Vulnerability from cvelistv5 – Published: 2022-03-28 20:45 – Updated: 2024-08-08 02:35 Unsupported When Assigned
VLAI
Title
ISS BlackICE PC Protection Update cross site scriting
Summary
A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
5 (Medium)
CWE
- CWE-80 - Basic Cross Site Scripting
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vuldb.com/?id.296 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ISS | BlackICE PC Protection |
Affected:
n/a
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackICE PC Protection",
"vendor": "ISS",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marc Ruef"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80 Basic Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-03T22:16:27.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.296"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "ISS BlackICE PC Protection Update cross site scriting",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2003-5003",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "ISS BlackICE PC Protection Update cross site scriting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackICE PC Protection",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "ISS"
}
]
}
},
"credit": "Marc Ruef",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.0",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.296",
"refsource": "MISC",
"url": "https://vuldb.com/?id.296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2003-5003",
"datePublished": "2022-03-28T20:45:46.000Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-5002 (GCVE-0-2003-5002)
Vulnerability from cvelistv5 – Published: 2022-03-28 20:45 – Updated: 2024-08-08 02:35 Unsupported When Assigned
VLAI
Title
ISS BlackICE PC Protection Update cleartext transmission
Summary
A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vuldb.com/?id.295 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ISS | BlackICE PC Protection |
Affected:
n/a
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:16.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackICE PC Protection",
"vendor": "ISS",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marc Ruef"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-03T22:16:21.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.295"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "ISS BlackICE PC Protection Update cleartext transmission",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2003-5002",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "ISS BlackICE PC Protection Update cleartext transmission"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackICE PC Protection",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "ISS"
}
]
}
},
"credit": "Marc Ruef",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "3.7",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.295",
"refsource": "MISC",
"url": "https://vuldb.com/?id.295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2003-5002",
"datePublished": "2022-03-28T20:45:44.000Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:16.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-5001 (GCVE-0-2003-5001)
Vulnerability from cvelistv5 – Published: 2022-03-28 20:45 – Updated: 2024-08-08 02:35 Unsupported When Assigned
VLAI
Title
ISS BlackICE PC Protection Cross Site Scripting Detection privileges management
Summary
A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
5.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.104 | x_refsource_MISC |
| http://www.computec.ch/mruef/advisories/black_ice… | x_refsource_MISC |
| http://www.cgisecurity.com/articles/xss-faq.shtml | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ISS | BlackICE PC Protection |
Affected:
n/a
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.104"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cgisecurity.com/articles/xss-faq.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlackICE PC Protection",
"vendor": "ISS",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marc Ruef"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-03T22:16:30.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.104"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cgisecurity.com/articles/xss-faq.shtml"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "ISS BlackICE PC Protection Cross Site Scripting Detection privileges management",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2003-5001",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "ISS BlackICE PC Protection Cross Site Scripting Detection privileges management"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlackICE PC Protection",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "ISS"
}
]
}
},
"credit": "Marc Ruef",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.104",
"refsource": "MISC",
"url": "https://vuldb.com/?id.104"
},
{
"name": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt",
"refsource": "MISC",
"url": "http://www.computec.ch/mruef/advisories/black_ice_pc_protection_xss_evasion.txt"
},
{
"name": "http://www.cgisecurity.com/articles/xss-faq.shtml",
"refsource": "MISC",
"url": "http://www.cgisecurity.com/articles/xss-faq.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2003-5001",
"datePublished": "2022-03-28T20:45:43.000Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7725 (GCVE-0-2014-7725)
Vulnerability from cvelistv5 – Published: 2014-10-21 10:00 – Updated: 2024-08-06 12:56
VLAI
Summary
The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/399017 | third-party-advisoryx_refsource_CERT-VN |
| http://www.kb.cert.org/vuls/id/582497 | third-party-advisoryx_refsource_CERT-VN |
| https://docs.google.com/spreadsheets/d/1t5GXwjw82… | x_refsource_MISC |
Date Public
2014-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:56:12.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#399017",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-21T07:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#399017",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7725",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#399017",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-7725",
"datePublished": "2014-10-21T10:00:00.000Z",
"dateReserved": "2014-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:56:12.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1527 (GCVE-0-2003-1527)
Vulnerability from cvelistv5 – Published: 2007-10-26 19:00 – Updated: 2024-09-17 03:07
VLAI
Summary
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/archive/1/294411 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/5917 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/10314.php | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:16.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021008 Multiple Vendor PC firewall remote denial of services Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"name": "5917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5917"
},
{
"name": "firewall-autoblock-spoofing-dos(10314)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10314.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-26T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021008 Multiple Vendor PC firewall remote denial of services Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"name": "5917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5917"
},
{
"name": "firewall-autoblock-spoofing-dos(10314)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10314.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1527",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021008 Multiple Vendor PC firewall remote denial of services Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"name": "5917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5917"
},
{
"name": "firewall-autoblock-spoofing-dos(10314)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10314.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1527",
"datePublished": "2007-10-26T19:00:00.000Z",
"dateReserved": "2007-10-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:07:45.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2690 (GCVE-0-2007-2690)
Vulnerability from cvelistv5 – Published: 2007-05-16 01:00 – Updated: 2024-08-07 13:49
VLAI
Summary
Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/739224 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securitytracker.com/id?1018068 | vdb-entryx_refsource_SECTRACK |
| http://www.gamasec.net/english/gs07-01.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/468633/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-05-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#739224",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "1018068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018068"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#739224",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "1018068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018068"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#739224",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "1018068",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018068"
},
{
"name": "http://www.gamasec.net/english/gs07-01.html",
"refsource": "MISC",
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2690",
"datePublished": "2007-05-16T01:00:00.000Z",
"dateReserved": "2007-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:49:57.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7129 (GCVE-0-2006-7129)
Vulnerability from cvelistv5 – Published: 2007-03-06 01:00 – Updated: 2024-08-07 20:50
VLAI
Summary
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://securityreason.com/securityalert/2361 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/20546 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/30901 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/448763/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.matousec.com/info/advisories/BlackICE-… | x_refsource_MISC |
Date Public
2006-10-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:06.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
},
{
"name": "2361",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2361"
},
{
"name": "20546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20546"
},
{
"name": "30901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30901"
},
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
},
{
"name": "blackice-filelock-protection-bypass(29575)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
},
{
"name": "2361",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2361"
},
{
"name": "20546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20546"
},
{
"name": "30901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30901"
},
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
},
{
"name": "blackice-filelock-protection-bypass(29575)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
},
{
"name": "2361",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2361"
},
{
"name": "20546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20546"
},
{
"name": "30901",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30901"
},
{
"name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
},
{
"name": "blackice-filelock-protection-bypass(29575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
},
{
"name": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7129",
"datePublished": "2007-03-06T01:00:00.000Z",
"dateReserved": "2007-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:06.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4541 (GCVE-0-2006-4541)
Vulnerability from cvelistv5 – Published: 2006-09-05 23:00 – Updated: 2024-08-07 19:14
VLAI
Summary
RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/1512 | third-party-advisoryx_refsource_SREASON |
| http://www.osvdb.org/28332 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21710 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/444958/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19800 | vdb-entryx_refsource_BID |
| http://www.matousec.com/info/advisories/BlackICE-… | x_refsource_MISC |
| http://www.matousec.com/info/advisories/plague-in… | x_refsource_MISC |
| http://www.matousec.com/projects/windows-personal… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2006/3431 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/479830/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1512",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1512"
},
{
"name": "28332",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28332"
},
{
"name": "21710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21710"
},
{
"name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
},
{
"name": "19800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19800"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "ADV-2006-3431",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3431"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1512",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1512"
},
{
"name": "28332",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28332"
},
{
"name": "21710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21710"
},
{
"name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
},
{
"name": "19800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19800"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "ADV-2006-3431",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3431"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1512",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1512"
},
{
"name": "28332",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28332"
},
{
"name": "21710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21710"
},
{
"name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
},
{
"name": "19800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19800"
},
{
"name": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "ADV-2006-3431",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3431"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4541",
"datePublished": "2006-09-05T23:00:00.000Z",
"dateReserved": "2006-09-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3999 (GCVE-0-2006-3999)
Vulnerability from cvelistv5 – Published: 2006-08-05 01:00 – Updated: 2024-08-07 18:48
VLAI
Summary
ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1016618 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/441829/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1338 | third-party-advisoryx_refsource_SREASON |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016618"
},
{
"name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
},
{
"name": "1338",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016618"
},
{
"name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
},
{
"name": "1338",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016618",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016618"
},
{
"name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
},
{
"name": "1338",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3999",
"datePublished": "2006-08-05T01:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3840 (GCVE-0-2006-3840)
Vulnerability from cvelistv5 – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48
VLAI
Summary
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://iss.custhelp.com/cgi-bin/iss.cfg/php/endu… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/441278/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.nsfocus.com/english/homepage/research/… | x_refsource_MISC |
| http://secunia.com/advisories/21219 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2996 | vdb-entryx_refsource_VUPEN |
| http://securitytracker.com/id?1016592 | vdb-entryx_refsource_SECTRACK |
| http://xforce.iss.net/xforce/alerts/id/230 | third-party-advisoryx_refsource_ISS |
| http://www.securityfocus.com/bid/19178 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016590 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1016591 | vdb-entryx_refsource_SECTRACK |
Date Public
2006-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"name": "21219",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21219"
},
{
"name": "ADV-2006-2996",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"name": "1016592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016592"
},
{
"name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"name": "19178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19178"
},
{
"name": "1016590",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016590"
},
{
"name": "pam-smb-mailslot-dos(27965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"name": "1016591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"name": "21219",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21219"
},
{
"name": "ADV-2006-2996",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"name": "1016592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016592"
},
{
"name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"name": "19178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19178"
},
{
"name": "1016590",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016590"
},
{
"name": "pam-smb-mailslot-dos(27965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"name": "1016591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016591"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
"refsource": "CONFIRM",
"url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
},
{
"name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
},
{
"name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
"refsource": "MISC",
"url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
},
{
"name": "21219",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21219"
},
{
"name": "ADV-2006-2996",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2996"
},
{
"name": "1016592",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016592"
},
{
"name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/230"
},
{
"name": "19178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19178"
},
{
"name": "1016590",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016590"
},
{
"name": "pam-smb-mailslot-dos(27965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
},
{
"name": "1016591",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016591"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3840",
"datePublished": "2006-07-27T10:00:00.000Z",
"dateReserved": "2006-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2711 (GCVE-0-2005-2711)
Vulnerability from cvelistv5 – Published: 2006-03-24 02:00 – Updated: 2024-08-07 22:45
VLAI
Summary
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/17218 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1015820 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/24096 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2006/1090 | vdb-entryx_refsource_VUPEN |
| http://www.idefense.com/intelligence/vulnerabilit… | third-party-advisoryx_refsource_IDEFENSE |
| http://securitytracker.com/id?1015821 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/19327 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-03-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17218",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17218"
},
{
"name": "1015820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015820"
},
{
"name": "blackice-appprotection-privilege-escalation(25423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
},
{
"name": "24096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24096"
},
{
"name": "ADV-2006-1090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1090"
},
{
"name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
},
{
"name": "1015821",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015821"
},
{
"name": "19327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19327"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17218",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17218"
},
{
"name": "1015820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015820"
},
{
"name": "blackice-appprotection-privilege-escalation(25423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
},
{
"name": "24096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24096"
},
{
"name": "ADV-2006-1090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1090"
},
{
"name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
},
{
"name": "1015821",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015821"
},
{
"name": "19327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19327"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17218"
},
{
"name": "1015820",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015820"
},
{
"name": "blackice-appprotection-privilege-escalation(25423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
},
{
"name": "24096",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24096"
},
{
"name": "ADV-2006-1090",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1090"
},
{
"name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
},
{
"name": "1015821",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015821"
},
{
"name": "19327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19327"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2711",
"datePublished": "2006-03-24T02:00:00.000Z",
"dateReserved": "2005-08-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2126 (GCVE-0-2004-2126)
Vulnerability from cvelistv5 – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
VLAI
Summary
The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/9513 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=107530966524193&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2004-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9513",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9513"
},
{
"name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9513",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9513"
},
{
"name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9513"
},
{
"name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2126",
"datePublished": "2005-05-27T04:00:00.000Z",
"dateReserved": "2005-05-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:15:01.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2125 (GCVE-0-2004-2125)
Vulnerability from cvelistv5 – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
VLAI
Summary
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/9514 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/3740 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=107530966524193&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://archives.neohapsis.com/archives/iss/2004-q… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/10739 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2004-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "blackice-blackdexe-bo(14965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
},
{
"name": "9514",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9514"
},
{
"name": "3740",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3740"
},
{
"name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
},
{
"name": "[ISSForum] 20040128 Third party BlackICE advisory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
},
{
"name": "10739",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "blackice-blackdexe-bo(14965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
},
{
"name": "9514",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9514"
},
{
"name": "3740",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3740"
},
{
"name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
},
{
"name": "[ISSForum] 20040128 Third party BlackICE advisory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
},
{
"name": "10739",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "blackice-blackdexe-bo(14965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
},
{
"name": "9514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9514"
},
{
"name": "3740",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3740"
},
{
"name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
},
{
"name": "[ISSForum] 20040128 Third party BlackICE advisory",
"refsource": "MLIST",
"url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
},
{
"name": "10739",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2125",
"datePublished": "2005-05-27T04:00:00.000Z",
"dateReserved": "2005-05-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:15:01.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1280 (GCVE-0-2002-1280)
Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI
Summary
Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.isskk.co.jp/support/XPressUpdates/RS/R… | x_refsource_MISC |
Date Public
2002-12-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isskk.co.jp/support/XPressUpdates/RS/RS65ECSR15RNj.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:35:26.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isskk.co.jp/support/XPressUpdates/RS/RS65ECSR15RNj.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.isskk.co.jp/support/XPressUpdates/RS/RS65ECSR15RNj.html",
"refsource": "MISC",
"url": "http://www.isskk.co.jp/support/XPressUpdates/RS/RS65ECSR15RNj.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1280",
"datePublished": "2005-04-14T04:00:00.000Z",
"dateReserved": "2002-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:19:28.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}