CVE-2004-0362

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:iss:blackice_agent_server:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecc:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_agent_server:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:*
cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0eba:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebh:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebj:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebk:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_desktop:7.0ebl:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecc:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_guard:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_20.11:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.10:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.4:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.9:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ebz:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6eca:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecb:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecc:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecd:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ece:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.0.1_win_sr1.1:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.2:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.3:windows:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.1:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.4:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.5:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.6:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.7:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.8:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.9:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.10:*:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.1:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.10:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.11:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.2:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.3:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.4:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.5:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.6:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.7:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.8:*:*:*:*:*:*
cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.9:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:h:iss:proventia_a_series_xpu:20.11:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.1:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.2:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.3:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.4:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.5:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.6:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.7:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.8:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.9:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_a_series_xpu:22.10:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.1:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.2:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.4:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.5:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.6:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.7:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.8:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.9:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.10:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_g_series_xpu:22.11:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.1:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.2:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.3:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.4:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.5:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.6:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.7:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.8:*:*:*:*:*:*:*
cpe:2.3:h:iss:proventia_m_series_xpu:1.9:*:*:*:*:*:*:*

History

20 Nov 2024, 23:48

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=107965651712378&w=2 - () http://marc.info/?l=bugtraq&m=107965651712378&w=2 -
References () http://secunia.com/advisories/11073 - () http://secunia.com/advisories/11073 -
References () http://www.ciac.org/ciac/bulletins/o-104.shtml - () http://www.ciac.org/ciac/bulletins/o-104.shtml -
References () http://www.eeye.com/html/Research/Advisories/AD20040318.html - () http://www.eeye.com/html/Research/Advisories/AD20040318.html -
References () http://www.kb.cert.org/vuls/id/947254 - Patch, Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/947254 - Patch, Third Party Advisory, US Government Resource
References () http://www.osvdb.org/4355 - () http://www.osvdb.org/4355 -
References () http://www.securityfocus.com/bid/9913 - Exploit, Patch, Vendor Advisory () http://www.securityfocus.com/bid/9913 - Exploit, Patch, Vendor Advisory
References () http://xforce.iss.net/xforce/alerts/id/166 - Patch, Vendor Advisory () http://xforce.iss.net/xforce/alerts/id/166 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/15442 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/15442 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/15543 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/15543 -

Information

Published : 2004-04-15 04:00

Updated : 2024-11-20 23:48


NVD link : CVE-2004-0362

Mitre link : CVE-2004-0362

CVE.ORG link : CVE-2004-0362


JSON object : View

Products Affected

iss

  • realsecure_server_sensor
  • proventia_m_series_xpu
  • realsecure_sentry
  • realsecure_guard
  • blackice_agent_server
  • proventia_g_series_xpu
  • realsecure_network_sensor
  • blackice_server_protection
  • proventia_a_series_xpu
  • blackice_pc_protection
  • realsecure_desktop