fkie_cve-2004-0362
Vulnerability from fkie_nvd
Published
2004-04-15 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=107965651712378&w=2
cve@mitre.orghttp://secunia.com/advisories/11073
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/o-104.shtml
cve@mitre.orghttp://www.eeye.com/html/Research/Advisories/AD20040318.html
cve@mitre.orghttp://www.kb.cert.org/vuls/id/947254Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.osvdb.org/4355
cve@mitre.orghttp://www.securityfocus.com/bid/9913Exploit, Patch, Vendor Advisory
cve@mitre.orghttp://xforce.iss.net/xforce/alerts/id/166Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/15442
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/15543
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=107965651712378&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11073
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/o-104.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.eeye.com/html/Research/Advisories/AD20040318.html
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/947254Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/4355
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/9913Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://xforce.iss.net/xforce/alerts/id/166Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/15442
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/15543
Impacted products
Vendor Product Version
iss blackice_agent_server 3.6ebz
iss blackice_agent_server 3.6eca
iss blackice_agent_server 3.6ecb
iss blackice_agent_server 3.6ecc
iss blackice_agent_server 3.6ecd
iss blackice_agent_server 3.6ece
iss blackice_agent_server 3.6ecf
iss blackice_pc_protection 3.6cbz
iss blackice_pc_protection 3.6cca
iss blackice_pc_protection 3.6ccb
iss blackice_pc_protection 3.6ccc
iss blackice_pc_protection 3.6ccd
iss blackice_pc_protection 3.6cce
iss blackice_pc_protection 3.6ccf
iss blackice_server_protection 3.6cbz
iss blackice_server_protection 3.6cca
iss blackice_server_protection 3.6ccb
iss blackice_server_protection 3.6ccc
iss blackice_server_protection 3.6ccd
iss blackice_server_protection 3.6cce
iss blackice_server_protection 3.6ccf
iss realsecure_desktop 3.6ebz
iss realsecure_desktop 3.6eca
iss realsecure_desktop 3.6ecb
iss realsecure_desktop 3.6ecd
iss realsecure_desktop 3.6ece
iss realsecure_desktop 3.6ecf
iss realsecure_desktop 7.0eba
iss realsecure_desktop 7.0ebf
iss realsecure_desktop 7.0ebg
iss realsecure_desktop 7.0ebh
iss realsecure_desktop 7.0ebj
iss realsecure_desktop 7.0ebk
iss realsecure_desktop 7.0ebl
iss realsecure_guard 3.6ebz
iss realsecure_guard 3.6eca
iss realsecure_guard 3.6ecb
iss realsecure_guard 3.6ecc
iss realsecure_guard 3.6ecd
iss realsecure_guard 3.6ece
iss realsecure_guard 3.6ecf
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_sentry 3.6ebz
iss realsecure_sentry 3.6eca
iss realsecure_sentry 3.6ecb
iss realsecure_sentry 3.6ecc
iss realsecure_sentry 3.6ecd
iss realsecure_sentry 3.6ece
iss realsecure_sentry 3.6ecf
iss realsecure_server_sensor 6.0
iss realsecure_server_sensor 6.0.1
iss realsecure_server_sensor 6.0.1_win_sr1.1
iss realsecure_server_sensor 6.5
iss realsecure_server_sensor 6.5
iss realsecure_server_sensor 6.5
iss realsecure_server_sensor 6.5_win_sr3.1
iss realsecure_server_sensor 6.5_win_sr3.4
iss realsecure_server_sensor 6.5_win_sr3.5
iss realsecure_server_sensor 6.5_win_sr3.6
iss realsecure_server_sensor 6.5_win_sr3.7
iss realsecure_server_sensor 6.5_win_sr3.8
iss realsecure_server_sensor 6.5_win_sr3.9
iss realsecure_server_sensor 6.5_win_sr3.10
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss proventia_a_series_xpu 20.11
iss proventia_a_series_xpu 22.1
iss proventia_a_series_xpu 22.2
iss proventia_a_series_xpu 22.3
iss proventia_a_series_xpu 22.4
iss proventia_a_series_xpu 22.5
iss proventia_a_series_xpu 22.6
iss proventia_a_series_xpu 22.7
iss proventia_a_series_xpu 22.8
iss proventia_a_series_xpu 22.9
iss proventia_a_series_xpu 22.10
iss proventia_g_series_xpu 22.1
iss proventia_g_series_xpu 22.2
iss proventia_g_series_xpu 22.3
iss proventia_g_series_xpu 22.4
iss proventia_g_series_xpu 22.5
iss proventia_g_series_xpu 22.6
iss proventia_g_series_xpu 22.7
iss proventia_g_series_xpu 22.8
iss proventia_g_series_xpu 22.9
iss proventia_g_series_xpu 22.10
iss proventia_g_series_xpu 22.11
iss proventia_m_series_xpu 1.1
iss proventia_m_series_xpu 1.2
iss proventia_m_series_xpu 1.3
iss proventia_m_series_xpu 1.4
iss proventia_m_series_xpu 1.5
iss proventia_m_series_xpu 1.6
iss proventia_m_series_xpu 1.7
iss proventia_m_series_xpu 1.8
iss proventia_m_series_xpu 1.9


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "711158F0-20A5-4F74-9F2B-E1D48085CEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "68D71B50-D280-4735-BFFE-2548C3117D70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "083BFA17-FFE4-45AA-A4D1-9543921FB1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecc:*:*:*:*:*:*:*",
              "matchCriteriaId": "F13B990F-CBDC-4007-A85D-D1F320A7DB58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE8DE53-5DA3-423C-977C-61AFF207C9F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB70D11-262D-4017-9C80-D39DD2C6E1F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "01136FF6-3F16-47F2-9125-94B59BD6759D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D1258B-70B0-4B20-9992-1E5DDD899935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FFB331C-EA1C-4DC6-B699-A4F6AB8FFB7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E52039E-728B-4028-AEB0-9F77EE75B245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*",
              "matchCriteriaId": "F101B85F-C141-4977-885F-C29306BF1C97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*",
              "matchCriteriaId": "5746C7F8-8560-4082-AD73-66DB9D16D619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76034E6-B3B8-4A6A-B6CA-16AA2A8CD854",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A02F0CF-E1C0-43FE-9971-966002A53679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33242A8-7BE6-4A69-A7CC-81BAFC2ADD50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E08CB5-0C90-4AF2-814C-3B4333681575",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A52A4E2-281A-460C-BCCC-00A464BD6270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7DB4F39-B3C9-4AA2-A047-709A5D9B7F84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:*",
              "matchCriteriaId": "4987E532-8729-4BC4-9997-962C32BC6CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47779E2-7BC5-4A5D-AD90-AC226735C631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB1C793-85F6-48EB-8A53-DE8E91271A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "E237D220-5C26-428C-9112-1BBF355292CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2247F3-0287-40DC-8CE8-3D0E15910056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "102A8F85-B009-4217-9F6C-9B5988822B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC8C6E4A-B4B6-4E78-992E-DB98256C39A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD4FD0C8-AC98-44F7-8914-57CE03120014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AE96AD-84D6-4C76-9197-AFCDCC6EA705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0eba:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC82898A-8EF8-4DAC-A6DB-2540D0214502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebf:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B54D56-7F1B-4390-835F-EF6B4B9BF297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F9233FA-D30A-4D0B-9605-CAA119C97CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebh:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3D6113C-1D2C-4502-A6DE-BF2904E535E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebj:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE8756F-6E96-4E03-88A4-595F166A991D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebk:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8094437-D1DD-40BB-8572-10D77ADACE4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebl:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16E3E8D-B79A-4747-9CBE-60DEE3634F68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "377798C2-58E5-409E-AC74-7B343F8DB4C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F87C5D-6785-48BF-95C3-0B369FA460B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "31FBC29D-CA61-44D8-A270-46A03A833B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecc:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CD5F2-8C8D-425D-9F00-B3640C53383F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5DA13A-1070-4EF9-A9DE-92A7FA83DAB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "577AEB0F-8644-4125-8A43-CBC82CF44853",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "B530CD88-6B32-480C-9603-A25C38D274C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A0F6286-EF98-44BD-8CA6-BAB33544EA64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_20.11:*:*:*:*:*:*",
              "matchCriteriaId": "7A504DCD-CF18-4539-A7CB-EA04BFA81619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.10:*:*:*:*:*:*",
              "matchCriteriaId": "9A191358-1459-4E71-9F12-99D12003E7B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.4:*:*:*:*:*:*",
              "matchCriteriaId": "CC8E40A1-3249-41D5-8B0E-6BCD9DB233D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.9:*:*:*:*:*:*",
              "matchCriteriaId": "A69442C9-948D-4A9B-9457-EB88264C01E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F724DC4-27FB-4A03-821E-42950C29EED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F0A7A6F-1D77-4B9A-83D8-65EDA6C03520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E50FCC4-5C32-4F7E-A344-CAC2AFF8FA25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecc:*:*:*:*:*:*:*",
              "matchCriteriaId": "A52E596F-5C78-4E50-9E47-FA2302338700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "E644AD11-6279-45D5-A66D-AA7B2308F698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48FAF98-BFE6-4217-8C47-56BE3DA99BFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "8983BE98-CC42-4B87-931B-31EF6B9AB840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "FDDE63D7-E55B-4835-8743-328F3030F4EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "97C22F7D-EB60-4B78-87AA-1BFA2FA4E515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1_win_sr1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1447560D-A958-4BCC-8115-64F3D04B49D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "D325FA2D-0369-4AA7-B71B-26C4045DE830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.2:windows:*:*:*:*:*",
              "matchCriteriaId": "63582601-9CF4-42B0-B020-DE545C6F6476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.3:windows:*:*:*:*:*",
              "matchCriteriaId": "E51BF25F-4C02-46FF-BB15-737AE101323A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF470B25-8035-40A4-BBCC-9CEF2D90B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A07C2AA4-15C9-4145-8630-F2BDDD1ADAA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "95ADE273-2B32-45F8-A19A-2B3CF0E3C5E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F4A847C-73E3-4167-A701-5CFA34B41F1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DE03A8A-0BBF-4A00-854E-E5D3AEEA3038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "846E7E1C-D355-41A4-A5DF-0ED7D36CB606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B921BE08-18CB-410F-9FBF-378B345BB632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A0A43B-1C18-4865-81EC-94823FA327D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.1:*:*:*:*:*:*",
              "matchCriteriaId": "50DDAB1D-D84D-41B4-BE61-B031F85BAA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.10:*:*:*:*:*:*",
              "matchCriteriaId": "345F0C75-D471-47AB-90B2-F0E6E08D65D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.11:*:*:*:*:*:*",
              "matchCriteriaId": "982C0194-9C25-4731-9EC2-F5292E596D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.2:*:*:*:*:*:*",
              "matchCriteriaId": "AD295E17-E4EB-41FC-A8FA-E463EF2CB33A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.3:*:*:*:*:*:*",
              "matchCriteriaId": "3AE17062-3422-4684-B5B4-29410B03A16A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.4:*:*:*:*:*:*",
              "matchCriteriaId": "6E854CC4-B8A6-4565-BA20-307C4B598409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.5:*:*:*:*:*:*",
              "matchCriteriaId": "CEC8903E-54DB-4AFF-98EB-50DD7E989685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.6:*:*:*:*:*:*",
              "matchCriteriaId": "679594CC-1517-44C1-9A27-6D3041D94F25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.7:*:*:*:*:*:*",
              "matchCriteriaId": "E86D698A-867A-49D2-81A0-E9001F7CAEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.8:*:*:*:*:*:*",
              "matchCriteriaId": "8174C7C5-91E0-4A1F-9A4B-6BDABA04E76C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.9:*:*:*:*:*:*",
              "matchCriteriaId": "38CA54FF-3A3F-4994-82C3-B07D316375D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:20.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "539881F0-EBAC-46DC-9CFB-61EC25D5E081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB5CCAC-7E1E-4CCB-9233-9FBF0BC1CC9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9316064A-EE65-4444-AEA7-9820CAA725CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B123819-8C67-4163-BB2B-EB25F85D9B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "64225CAB-B26C-42DB-B73E-D561AE98DE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5C9774-043D-40C7-B8A1-A054893CF32B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7036D0-11EC-4DF1-89C5-A4CAE1F2EADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7851B0FE-865B-4B98-BC9A-0F9F33B919FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8B4BFA-24A1-4912-BF8F-BC1B34B7CF23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF13B73-03B1-4293-BDD5-531D27194BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA1B66A-68FA-4D7B-9F84-2F246AF02BF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34C4BE13-2464-4503-95B0-DAAB6456DE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "48849D08-AEFB-4803-8BBE-3B26DA3AA2AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C3D5C60-1E1C-4831-895A-7C28D279FFF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC28B6F-D51D-45D6-8255-6B51E9AE3F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7C23B03-7173-4548-926E-DADA3CCF5C71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2D006B-9F5B-40CC-991D-A7791D8ED195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2C7B52-9341-4F88-B4D6-751573AB7A3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC9EFA94-5658-4AB0-9F81-9B5ED9F2002C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FFBAF4-558B-410E-A655-97B769656191",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9083295-15FE-4965-9C0D-3663FBA4E769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "748C02A3-71AE-4E3F-9C60-981E01CEDD50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76485FF8-4187-4934-994C-440B252B2A8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D62AAB-5111-4C77-B1DE-B0EAB27EA8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CEE521-AF0A-4210-A1DD-DF988287F989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D704A967-4032-4C23-A63E-ADCC31BB6ED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E97E44BD-5424-48FD-A1BF-C5F616A045BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9778EC91-CCD8-403E-BE74-50E19FF807B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "76715627-E34C-4F04-9174-C20E3218607C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAC74BF9-531D-415F-915A-06423E4EB6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC5E128-9F84-4712-903A-3AEB347F3BF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basado en la pila en las rutinas de an\u00e1lisis de ICQ en el componente ISS Protocol Analysis Module (PAM), utilizado en varios productos RealSecure, Proventia y BlackICE, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un respuesta SRV_MULTI conteniendo un paquete de respuesta SRV_USER_ONLINE y un paquete de respuesta SRV_META_USER con campos 1) nickname, (2) firstname, (3) lastname, o (4) email largos, como son explotados por el gusanto \u0027Witty\u0027."
    }
  ],
  "id": "CVE-2004-0362",
  "lastModified": "2024-11-20T23:48:24.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-04-15T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11073"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/947254"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/4355"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9913"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/166"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/947254"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/4355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.