Vulnerabilities for Realsecure sentry (...) - CXSECURITY.COM

Vulnerabilities for 'Realsecure sentry'

2004-04-15

CVE-2004-0362

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

2004-03-15

CVE-2004-0193

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.

>>> Vendor: ISS 21 Products

Internet security scanner

Blackice defender

Realsecure network sensor

Realsecure server sensor

Realsecure nokia

Internet scanner

Realsecure event collector

Blackice server protection

Blackice agent server

Blackice pc protection

Realsecure desktop

Realsecure guard

Realsecure network

Realsecure sentry

Proventia a series xpu

Proventia g series xpu

Proventia m series xpu

Proventia desktop

Proventia server

Copyright 2024, cxsecurity.com