Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0237

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0237
Last Modified 10 Sep 2008 08:00:47
Published 29 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0237

Summary

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.

Vulnerable Systems

Application

  • Iss Blackice Agent 3.0

  • Iss Blackice Agent 3.1

  • Iss Blackice Defender 2.9

  • Iss Blackice Defender 2.9cap

  • Iss Blackice Defender 2.9caq

  • Iss Realsecure Server Sensor 6.0.1

  • Iss Realsecure Server Sensor 6.5


References

XF - blackice-ping-flood-dos(8058)

ISS - 20020204 DoS and Potential Overflow Vulnerability in BlackICE Products

BUGTRAQ - 20020209 ALERT: ISS BlackICE Kernel Overflow Exploitable

BID - 4025

BUGTRAQ - 20020206 Black ICE Ping Vulnerability Side Note

BUGTRAQ - 20020204 Vulnerability in Black ICE Defender


Last Updated: 27 May 2016 10:36:50