var-200403-0064
Vulnerability from variot
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username. Internet Security Systems' BlackICE and RealSecure intrusion detection products contain a remotely exploitable vulnerability. Exploitation of this vulnerability could lead to the compromise of the system with privileges of the vulnerable process, typically the "SYSTEM" user. The issue exists in the SMB parsing routines provided by the module and is due to insufficient bounds checking of protocol fields. This issue could potentially be exploited to execute arbitrary code on systems hosting the vulnerable software, potentially resulting in system compromise. RealSecure and BlackICE are host-based intrusion detection/prevention systems offered by ISS that identify and block network attacks and intrusions. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and execute arbitrary commands on the host with system privileges. Protocol Analysis Module (Protocol Analysis Module) is used to analyze network protocols to perform further analysis and attack detection. One of the supported protocols is the SMB protocol. SMB provides a mechanism for clients to remotely access resources such as files, printers, and named pipes. Because the PAM protocol analysis module lacks sufficient boundary checks in the parsing of \"Setup AndX\" SMB requests, the result can lead to remote attackers submitting SMB \"Setup AndX\" whose AccountName parameter contains a character string exceeding 300 bytes or longer " request, which can trigger a heap-based overflow. However, in some products, heap protection can detect these memory corruptions and restart PAM components to clean up the heap content. SMB parsing is state-based in PAM, and can only be triggered by establishing a real SMB connection with the server in the network through TCP/IP
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200403-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "blackice server protection",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6cbz"
},
{
"model": "blackice agent server",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0ebg"
},
{
"model": "realsecure guard",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6ecb"
},
{
"model": "realsecure network",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0epk"
},
{
"model": "blackice pc protection",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6cbd"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6eca"
},
{
"model": "realsecure sentry",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "realsecure desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.6ecf"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "7.0"
},
{
"model": "proventia m series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "1.30"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "22.3"
},
{
"model": "proventia a series xpu",
"scope": "eq",
"trust": 1.0,
"vendor": "iss",
"version": "20.15"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": "realsecure network sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.19"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.18"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.16"
},
{
"model": "security systems realsecure sentry ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure sentry ebr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.9"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.11"
},
{
"model": "security systems realsecure guard ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure guard ebr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebh",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ebg",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop eba",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ecb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop eca",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.7"
},
{
"model": "security systems proventia m series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "1.3"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "22.9"
},
{
"model": "security systems proventia a series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "20.15"
},
{
"model": "security systems blackice server protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice server protection cbr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccb",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection cbr",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection .cbz",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.9"
},
{
"model": "proventia g series xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "22.3"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure sentry ecd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure network sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.022.10"
},
{
"model": "security systems realsecure guard ecd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems realsecure desktop ebj",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.0"
},
{
"model": "security systems realsecure desktop ecd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems proventia m series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "1.8"
},
{
"model": "security systems proventia a series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "22.10"
},
{
"model": "security systems blackice server protection ccd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "security systems blackice pc protection ccd",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "3.6"
},
{
"model": "proventia g series xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "22.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:iss:realsecure_network_sensor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:iss:realsecure_server_sensor",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eEye info@eEye.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0193",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-8623",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0193",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#150326",
"trust": 0.8,
"value": "12.12"
},
{
"author": "NVD",
"id": "CVE-2004-0193",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200403-071",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8623",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username. Internet Security Systems\u0027 BlackICE and RealSecure intrusion detection products contain a remotely exploitable vulnerability. Exploitation of this vulnerability could lead to the compromise of the system with privileges of the vulnerable process, typically the \"SYSTEM\" user. The issue exists in the SMB parsing routines provided by the module and is due to insufficient bounds checking of protocol fields. \nThis issue could potentially be exploited to execute arbitrary code on systems hosting the vulnerable software, potentially resulting in system compromise. RealSecure and BlackICE are host-based intrusion detection/prevention systems offered by ISS that identify and block network attacks and intrusions. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and execute arbitrary commands on the host with system privileges. Protocol Analysis Module (Protocol Analysis Module) is used to analyze network protocols to perform further analysis and attack detection. One of the supported protocols is the SMB protocol. SMB provides a mechanism for clients to remotely access resources such as files, printers, and named pipes. Because the PAM protocol analysis module lacks sufficient boundary checks in the parsing of \\\"Setup AndX\\\" SMB requests, the result can lead to remote attackers submitting SMB \\\"Setup AndX\\\" whose AccountName parameter contains a character string exceeding 300 bytes or longer \" request, which can trigger a heap-based overflow. However, in some products, heap protection can detect these memory corruptions and restart PAM components to clean up the heap content. SMB parsing is state-based in PAM, and can only be triggered by establishing a real SMB connection with the server in the network through TCP/IP",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0193"
},
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "VULHUB",
"id": "VHN-8623"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#150326",
"trust": 3.3
},
{
"db": "BID",
"id": "9752",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2004-0193",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "10988",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "4072",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071",
"trust": 0.7
},
{
"db": "ISS",
"id": "20040226 VULNERABILITY IN SMB PARSING IN ISS PRODUCTS",
"trust": 0.6
},
{
"db": "EEYE",
"id": "AD20040226",
"trust": 0.6
},
{
"db": "XF",
"id": "15207",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040227 EEYE: REALSECURE/BLACKICE SERVER MESSAGE BLOCK (SMB) PROCESSING OVERFLOW",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8623",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"id": "VAR-200403-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8623"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:20:17.955000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.isskk.co.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.eeye.com/html/research/advisories/ad20040226.html"
},
{
"trust": 2.8,
"url": "http://xforce.iss.net/xforce/alerts/id/165"
},
{
"trust": 2.5,
"url": "http://www.eeye.com/html/research/upcoming/20040213.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9752"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/150326"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/4072"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/10988"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0193"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0193"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15207"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=107789851117176\u0026w=2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#150326"
},
{
"db": "VULHUB",
"id": "VHN-8623"
},
{
"db": "BID",
"id": "9752"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-27T00:00:00",
"db": "CERT/CC",
"id": "VU#150326"
},
{
"date": "2004-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-8623"
},
{
"date": "2004-02-26T00:00:00",
"db": "BID",
"id": "9752"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"date": "2004-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"date": "2004-03-15T05:00:00",
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-27T00:00:00",
"db": "CERT/CC",
"id": "VU#150326"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-8623"
},
{
"date": "2004-02-26T00:00:00",
"db": "BID",
"id": "9752"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000059"
},
{
"date": "2005-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-071"
},
{
"date": "2017-10-10T01:30:19.173000",
"db": "NVD",
"id": "CVE-2004-0193"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Security Systems\u0027 BlackICE and RealSecure contain a heap overflow in the processing of SMB packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#150326"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "9752"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-071"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.