Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Heap Overflow Vulnerability in ISS RealSecure and BlackICE Servers
A heap-overflow vulnerability in RealSecure and BlackICE servers can result in the arbitrary execution of code on the vulnerable server.
Ken Pfeil
February 26, 2004
2 Min Read
Reported February 26, 2004 by eEye Digital Security.
VERSIONS AFFECTED
RealSecure Network 7.0, XPU 20.15 through 22.9
Real Secure Server Sensor 7.0 XPU 20.16 through 22.9
Proventia A Series XPU 20.15 through 22.9
Proventia G Series XPU 22.3 through 22.9
Proventia M Series XPU 1.3 through 1.7
RealSecure Desktop 7.0 eba through ebh
RealSecure Desktop 3.6 ebr through ecb
RealSecure Guard 3.6 ebr through ecb
RealSecure Sentry 3.6 ebr through ecb
BlackICE PC Protection 3.6 cbr through ccb
BlackICE Server Protection 3.6 cbr through ccb
DESCRIPTION
A heap-overflow vulnerability in RealSecure and BlackICE servers can result in the arbitrary execution of code on the vulnerable server. This vulnerability is a result of a flaw that exists within the component that handles the processing of Server Message Block (SMB) packets. By issuing an authentication request with a long username value, an attacker can trigger a direct heap overwrite and subsequently execute code.
VENDOR RESPONSE
Internet Security Systems has releasedpatches for the affected servers and recommends that affected users immediately apply them.
CREDITDiscovered by Barnaby Jack.
About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
