BlackICE PC Protection blackd.exe Local Overflow

2004-01-28T07:50:42
ID OSVDB:3740
Type osvdb
Reporter OSVDB
Modified 2004-01-28T07:50:42

Description

Vulnerability Description

ISS BlackICE for PC's contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when .ini file, which are writable by any user, are modified supplying an overly long value in the packetLog.fileprefix parameter. This flaw may result in execution of arbitrary commands with system privilages, leading to a loss of confidentiality, integrity, and availability.

Technical Description

The boundary error is in "blackd.exe".

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue. It may be possible to correct the flaw by implementing the BlackICE Application Protection.

Short Description

ISS BlackICE for PC's contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when .ini file, which are writable by any user, are modified supplying an overly long value in the packetLog.fileprefix parameter. This flaw may result in execution of arbitrary commands with system privilages, leading to a loss of confidentiality, integrity, and availability.

References:

Vendor URL: http://blackice.iss.net Secunia Advisory ID:10739 Mail List Post: http://www.securityfocus.com/archive/1/351545 Keyword: Internet Security Systems Keyword: ISS ISS X-Force ID: 14965 CVE-2004-2125 Bugtraq ID: 9514