Lucene search

[email protected]CVE-2004-0362

HistoryApr 15, 2004 - 4:00 a.m.

CVE-2004-0362

2004-04-1504:00:00

[email protected]

web.nvd.nist.gov

icq

buffer overflow

iss

protocol analysis module

pam

realsecure

proventia

blackice

remote code execution

cve-2004-0362

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.962 High

EPSS

Percentile

99.5%

JSON

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Affected configurations

NVD

Node

issblackice_agent_serverMatch3.6ebz

issblackice_agent_serverMatch3.6eca

issblackice_agent_serverMatch3.6ecb

issblackice_agent_serverMatch3.6ecc

issblackice_agent_serverMatch3.6ecd

issblackice_agent_serverMatch3.6ece

issblackice_agent_serverMatch3.6ecf

issblackice_pc_protectionMatch3.6cbz

issblackice_pc_protectionMatch3.6cca

issblackice_pc_protectionMatch3.6ccb

issblackice_pc_protectionMatch3.6ccc

issblackice_pc_protectionMatch3.6ccd

issblackice_pc_protectionMatch3.6cce

issblackice_pc_protectionMatch3.6ccf

issblackice_server_protectionMatch3.6cbz

issblackice_server_protectionMatch3.6cca

issblackice_server_protectionMatch3.6ccb

issblackice_server_protectionMatch3.6ccc

issblackice_server_protectionMatch3.6ccd

issblackice_server_protectionMatch3.6cce

issblackice_server_protectionMatch3.6ccf

issrealsecure_desktopMatch3.6ebz

issrealsecure_desktopMatch3.6eca

issrealsecure_desktopMatch3.6ecb

issrealsecure_desktopMatch3.6ecd

issrealsecure_desktopMatch3.6ece

issrealsecure_desktopMatch3.6ecf

issrealsecure_desktopMatch7.0eba

issrealsecure_desktopMatch7.0ebf

issrealsecure_desktopMatch7.0ebg

issrealsecure_desktopMatch7.0ebh

issrealsecure_desktopMatch7.0ebj

issrealsecure_desktopMatch7.0ebk

issrealsecure_desktopMatch7.0ebl

issrealsecure_guardMatch3.6ebz

issrealsecure_guardMatch3.6eca

issrealsecure_guardMatch3.6ecb

issrealsecure_guardMatch3.6ecc

issrealsecure_guardMatch3.6ecd

issrealsecure_guardMatch3.6ece

issrealsecure_guardMatch3.6ecf

issrealsecure_network_sensorMatch7.0

issrealsecure_network_sensorMatch7.0xpu_20.11

issrealsecure_network_sensorMatch7.0xpu_22.10

issrealsecure_network_sensorMatch7.0xpu_22.4

issrealsecure_network_sensorMatch7.0xpu_22.9

issrealsecure_sentryMatch3.6ebz

issrealsecure_sentryMatch3.6eca

issrealsecure_sentryMatch3.6ecb

issrealsecure_sentryMatch3.6ecc

issrealsecure_sentryMatch3.6ecd

issrealsecure_sentryMatch3.6ece

issrealsecure_sentryMatch3.6ecf

issrealsecure_server_sensorMatch6.0windows

issrealsecure_server_sensorMatch6.0.1windows

issrealsecure_server_sensorMatch6.0.1_win_sr1.1

issrealsecure_server_sensorMatch6.5windows

issrealsecure_server_sensorMatch6.5sr3.2windows

issrealsecure_server_sensorMatch6.5sr3.3windows

issrealsecure_server_sensorMatch6.5_win_sr3.1

issrealsecure_server_sensorMatch6.5_win_sr3.4

issrealsecure_server_sensorMatch6.5_win_sr3.5

issrealsecure_server_sensorMatch6.5_win_sr3.6

issrealsecure_server_sensorMatch6.5_win_sr3.7

issrealsecure_server_sensorMatch6.5_win_sr3.8

issrealsecure_server_sensorMatch6.5_win_sr3.9

issrealsecure_server_sensorMatch6.5_win_sr3.10

issrealsecure_server_sensorMatch7.0xpu22.1

issrealsecure_server_sensorMatch7.0xpu22.10

issrealsecure_server_sensorMatch7.0xpu22.11

issrealsecure_server_sensorMatch7.0xpu22.2

issrealsecure_server_sensorMatch7.0xpu22.3

issrealsecure_server_sensorMatch7.0xpu22.4

issrealsecure_server_sensorMatch7.0xpu22.5

issrealsecure_server_sensorMatch7.0xpu22.6

issrealsecure_server_sensorMatch7.0xpu22.7

issrealsecure_server_sensorMatch7.0xpu22.8

issrealsecure_server_sensorMatch7.0xpu22.9

Node

issproventia_a_series_xpuMatch20.11

issproventia_a_series_xpuMatch22.1

issproventia_a_series_xpuMatch22.2

issproventia_a_series_xpuMatch22.3

issproventia_a_series_xpuMatch22.4

issproventia_a_series_xpuMatch22.5

issproventia_a_series_xpuMatch22.6

issproventia_a_series_xpuMatch22.7

issproventia_a_series_xpuMatch22.8

issproventia_a_series_xpuMatch22.9

issproventia_a_series_xpuMatch22.10

issproventia_g_series_xpuMatch22.1

issproventia_g_series_xpuMatch22.2

issproventia_g_series_xpuMatch22.3

issproventia_g_series_xpuMatch22.4

issproventia_g_series_xpuMatch22.5

issproventia_g_series_xpuMatch22.6

issproventia_g_series_xpuMatch22.7

issproventia_g_series_xpuMatch22.8

issproventia_g_series_xpuMatch22.9

issproventia_g_series_xpuMatch22.10

issproventia_g_series_xpuMatch22.11

issproventia_m_series_xpuMatch1.1

issproventia_m_series_xpuMatch1.2

issproventia_m_series_xpuMatch1.3

issproventia_m_series_xpuMatch1.4

issproventia_m_series_xpuMatch1.5

issproventia_m_series_xpuMatch1.6

issproventia_m_series_xpuMatch1.7

issproventia_m_series_xpuMatch1.8

issproventia_m_series_xpuMatch1.9

CPENameOperatorVersion
iss:blackice_agent_serveriss blackice agent servereq3.6ebz
iss:blackice_agent_serveriss blackice agent servereq3.6eca
iss:blackice_agent_serveriss blackice agent servereq3.6ecb
iss:blackice_agent_serveriss blackice agent servereq3.6ecc
iss:blackice_agent_serveriss blackice agent servereq3.6ecd
iss:blackice_agent_serveriss blackice agent servereq3.6ece
iss:blackice_agent_serveriss blackice agent servereq3.6ecf
iss:blackice_pc_protectioniss blackice pc protectioneq3.6cbz
iss:blackice_pc_protectioniss blackice pc protectioneq3.6cca
iss:blackice_pc_protectioniss blackice pc protectioneq3.6ccb

CPE	Name	Operator	Version
iss:blackice_agent_server	iss blackice agent server	eq	3.6ebz
iss:blackice_agent_server	iss blackice agent server	eq	3.6eca
iss:blackice_agent_server	iss blackice agent server	eq	3.6ecb
iss:blackice_agent_server	iss blackice agent server	eq	3.6ecc
iss:blackice_agent_server	iss blackice agent server	eq	3.6ecd
iss:blackice_agent_server	iss blackice agent server	eq	3.6ece
iss:blackice_agent_server	iss blackice agent server	eq	3.6ecf
iss:blackice_pc_protection	iss blackice pc protection	eq	3.6cbz
iss:blackice_pc_protection	iss blackice pc protection	eq	3.6cca
iss:blackice_pc_protection	iss blackice pc protection	eq	3.6ccb