Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=107965651712378&w=2 | |
http://secunia.com/advisories/11073 | |
http://www.ciac.org/ciac/bulletins/o-104.shtml | |
http://www.eeye.com/html/Research/Advisories/AD20040318.html | |
http://www.kb.cert.org/vuls/id/947254 | Patch Third Party Advisory US Government Resource |
http://www.osvdb.org/4355 | |
http://www.securityfocus.com/bid/9913 | Exploit Patch Vendor Advisory |
http://xforce.iss.net/xforce/alerts/id/166 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15442 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15543 | |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-03-23T05:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2004-03-18T00:00:00
Link: CVE-2004-0362
NVD Information
Status: Modified
Published: 2004-04-15T04:00:00.000
Modified: 2017-07-11T01:30:06.120
Link: CVE-2004-0362
Redhat Information
No data.
CWE