Описание
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
Ссылки
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
EPSS
7.5 High
CVSS2