Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=107789851117176&w=2 | |
http://secunia.com/advisories/10988 | |
http://www.eeye.com/html/Research/Advisories/AD20040226.html | |
http://www.eeye.com/html/Research/Upcoming/20040213.html | Vendor Advisory |
http://www.kb.cert.org/vuls/id/150326 | Patch Third Party Advisory US Government Resource |
http://www.osvdb.org/4072 | |
http://www.securityfocus.com/bid/9752 | |
http://xforce.iss.net/xforce/alerts/id/165 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15207 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-09-01T04:00:00
Updated: 2004-03-18T10:00:00
Reserved: 2004-03-04T00:00:00
Link: CVE-2004-0193
JSON object: View
NVD Information
Status : Modified
Published: 2004-03-15T05:00:00.000
Modified: 2017-10-10T01:30:19.173
Link: CVE-2004-0193
JSON object: View
Redhat Information
No data.
CWE