CVE-2004-0193

Current Description

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.

Basic Data

PublishedMarch 15, 2004
Last ModifiedOctober 10, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegetrue

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationIssBlackice Agent Server3.6eca*******
    2.3ApplicationIssBlackice Pc Protection3.6cbd*******
    2.3ApplicationIssBlackice Server Protection3.6cbz*******
    2.3ApplicationIssRealsecure Desktop3.6eca*******
    2.3ApplicationIssRealsecure Desktop3.6ecf*******
    2.3ApplicationIssRealsecure Desktop7.0ebg*******
    2.3ApplicationIssRealsecure Desktop7.0epk*******
    2.3ApplicationIssRealsecure Guard3.6ecb*******
    2.3ApplicationIssRealsecure Network7.0xpu_20.15******
    2.3ApplicationIssRealsecure Sentry3.6ecf*******
    2.3ApplicationIssRealsecure Server Sensor7.0xpu20.16******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3HardwareIssProventia A Series Xpu20.15*******
    2.3HardwareIssProventia G Series Xpu22.3*******
    2.3HardwareIssProventia M Series Xpu1.30*******

Vulnerable Software List

VendorProductVersions
Iss Blackice Agent Server 3.6eca
Iss Blackice Pc Protection 3.6cbd
Iss Realsecure Desktop 3.6eca, 3.6ecf, 7.0ebg, 7.0epk
Iss Realsecure Guard 3.6ecb
Iss Realsecure Network 7.0
Iss Realsecure Sentry 3.6ecf
Iss Proventia A Series Xpu 20.15
Iss Proventia G Series Xpu 22.3
Iss Blackice Server Protection 3.6cbz
Iss Proventia M Series Xpu 1.30
Iss Realsecure Server Sensor 7.0

References

NameSourceURLTags
20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflowhttp://marc.info/?l=bugtraq&m=107789851117176&w=2BUGTRAQ
10988http://secunia.com/advisories/10988SECUNIA
AD20040226http://www.eeye.com/html/Research/Advisories/AD20040226.htmlEEYE
http://www.eeye.com/html/Research/Upcoming/20040213.htmlhttp://www.eeye.com/html/Research/Upcoming/20040213.htmlMISCVendor Advisory
VU#150326http://www.kb.cert.org/vuls/id/150326CERT-VNPATCH Third Party Advisory US Government Resource
4072http://www.osvdb.org/4072OSVDB
9752http://www.securityfocus.com/bid/9752BID
20040226 Vulnerability in SMB Parsing in ISS Productshttp://xforce.iss.net/xforce/alerts/id/165ISSPATCH Vendor Advisory
pam-smb-protocol-bo(15207)https://exchange.xforce.ibmcloud.com/vulnerabilities/15207XF