CVE-2004-0362
CVE-2004-0362
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
exploitdbwww.exploit-db.com/exploits/16464no verificadoexploitdbwww.exploit-db.com/exploits/168no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://marc.info/?l=bugtraq&m=107965651712378&w=2http://secunia.com/advisories/11073https://exchange.xforce.ibmcloud.com/vulnerabilities/15442https://exchange.xforce.ibmcloud.com/vulnerabilities/15543http://www.ciac.org/ciac/bulletins/o-104.shtmlhttp://www.eeye.com/html/Research/Advisories/AD20040318.htmlhttp://www.kb.cert.org/vuls/id/947254http://www.osvdb.org/4355http://www.securityfocus.com/bid/9913http://xforce.iss.net/xforce/alerts/id/166