Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0362

Опубликовано: 15 апр. 2004
Источник: nvd
CVSS2: 7.5
EPSS Высокий

Описание

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:iss:blackice_agent_server:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecc:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0eba:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebh:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebj:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebk:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebl:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecc:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_20.11:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.10:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.4:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.9:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecc:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.0.1_win_sr1.1:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.2:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.3:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.1:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.4:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.5:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.6:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.7:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.8:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.9:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.10:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.1:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.10:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.11:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.2:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.3:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.4:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.5:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.6:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.7:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.8:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.9:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:h:iss:proventia_a_series_xpu:20.11:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.1:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.2:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.3:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.4:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.5:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.6:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.7:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.8:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.9:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.10:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.1:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.2:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.4:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.5:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.6:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.7:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.8:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.9:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.10:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.11:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.1:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.2:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.3:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.4:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.5:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.6:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.7:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.8:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.9:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.83404
Высокий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-w8mp-vfgg-7w4g

github
почти 4 года назад

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

EPSS

Процентиль: 99%
0.83404
Высокий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other