Internet Security Systems Protocol Analysis Module ICQ Parsing Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9913/info It has been reported that the Internet Security Systems ISS Protocol Analysis Module is prone to a remote buffer overflow vulnerability when parsing the ICQ protocol. This issue exists due to insufficient bounds...

CVE-2004-0193

Heap-based buffer overflow in the ISS Protocol Analysis Module PAM, as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Serv...

CVE-2004-0193

CVE-2004-0193 describes a heap-based buffer overflow in the ISS Protocol Analysis Module (PAM) used by RealSecure/BlackICE products. An SMB authentication request with a long username allows a remote attacker to execute arbitrary code. Affected: RealSecure Network 7.0 and Server Sensor 7.0, Prove...

Internet Security Systems Protocol Analysis Module ICQ - Parsing Buffer Overflow

// source: https://www.securityfocus.com/bid/9913/info It has been reported that the Internet Security Systems ISS Protocol Analysis Module is prone to a remote buffer overflow vulnerability when parsing the ICQ protocol. This issue exists due to insufficient bounds checking performed on certain...

CVE-2004-0362

CVE-2004-0362 affects ISS PAM ICQ parsing in RealSecure/BlackICE/Proventia products. The issue is multiple stack-based buffer overflows in the ICQ server response handling (SRV_MULTI carrying SRV_USER_ONLINE/SRV_META_USER with long nickname/firstname/lastname/email), enabling remote code executio...

Internet Security Systems Protocol Analysis Module (PAM) does not properly handle ICQ server response messages

Overview The Protocol Analysis Module PAM used by Internet Security Systems ISS intrusion detection and prevention products does not properly handle ICQ server response messages. An unauthenticated, remote attacker could execute arbitrary code by sending a specially crafted UDP packet. Descriptio...

ISS Security Brief: Vulnerability in ICQ Parsing in ISS Products

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief March 18, 2004 Vulnerability in ICQ Parsing in ISS Products Synopsis: A vulnerability was discovered in the ICQ instant messaging protocol parsing routines of the ISS Protocol Analysis Module PAM component. The PAM module...

CVE-2004-0193

Heap-based buffer overflow in the ISS Protocol Analysis Module PAM, as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Serv...