Sign-up

ID

VAR-200205-0034


CVE

CVE-2002-0237


TITLE

ISS BlackICE and RealSecure Remote denial of service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200205-101

DESCRIPTION

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. Internet Security Systems's BlackICE Defender, BlackICE Agent and RealSecure Server Sensor, are network intrusion detection systems which run in Microsoft Windows environments. A buffer overflow condition has been reported in these products which can be exploited by a remote user. Exploitation is achievable via a ping flood attack. Sending a series of large Echo Request (ping) packets to a target host will trigger the overflow. It is possible to execute arbitrary code with kernel-level privileges. Only Windows 2000 and XP hosts are affected by this vulnerability

Trust: 1.26

sources: NVD: CVE-2002-0237 // BID: 4025 // VULHUB: VHN-4630

AFFECTED PRODUCTS

vendor:issmodel:blackice agentscope:eqversion:3.1

Trust: 1.6

vendor:issmodel:realsecure server sensorscope:eqversion:6.0.1

Trust: 1.6

vendor:issmodel:blackice defenderscope:eqversion:2.9caq

Trust: 1.6

vendor:issmodel:blackice defenderscope:eqversion:2.9cap

Trust: 1.6

vendor:issmodel:blackice defenderscope:eqversion:2.9

Trust: 1.6

vendor:issmodel:realsecure server sensorscope:eqversion:6.5

Trust: 1.6

vendor:issmodel:blackice agentscope:eqversion:3.0

Trust: 1.6

vendor:internetmodel:security systems realsecure server sensor winscope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor winscope:eqversion:6.0.1

Trust: 0.3

vendor:internetmodel:security systems blackice defender caqscope:eqversion:2.9

Trust: 0.3

vendor:internetmodel:security systems blackice defender capscope:eqversion:2.9

Trust: 0.3

vendor:internetmodel:security systems blackice defenderscope:eqversion:2.9

Trust: 0.3

vendor:internetmodel:security systems blackice agentscope:eqversion:3.1

Trust: 0.3

vendor:internetmodel:security systems blackice agentscope:eqversion:3.0

Trust: 0.3

vendor:internetmodel:security systems blackice defender carscope:neversion:2.9

Trust: 0.3

sources: BID: 4025 // CNNVD: CNNVD-200205-101 // NVD: CVE-2002-0237

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0237
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200205-101
value: HIGH

Trust: 0.6

VULHUB: VHN-4630
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2002-0237
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-4630
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-4630 // CNNVD: CNNVD-200205-101 // NVD: CVE-2002-0237

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0237

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200205-101

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 4025 // CNNVD: CNNVD-200205-101

EXTERNAL IDS

db:BIDid:4025

Trust: 2.0

db:NVDid:CVE-2002-0237

Trust: 1.7

db:CNNVDid:CNNVD-200205-101

Trust: 0.7

db:BUGTRAQid:20020204 VULNERABILITY IN BLACK ICE DEFENDER

Trust: 0.6

db:BUGTRAQid:20020209 ALERT: ISS BLACKICE KERNEL OVERFLOW EXPLOITABLE

Trust: 0.6

db:BUGTRAQid:20020206 BLACK ICE PING VULNERABILITY SIDE NOTE

Trust: 0.6

db:ISSid:20020204 DOS AND POTENTIAL OVERFLOW VULNERABILITY IN BLACKICE PRODUCTS

Trust: 0.6

db:NTBUGTRAQid:20020209 ALERT: ISS BLACKICE KERNEL OVERFLOW EXPLOITABLE

Trust: 0.6

db:XFid:8058

Trust: 0.6

db:VULHUBid:VHN-4630

Trust: 0.1

sources: VULHUB: VHN-4630 // BID: 4025 // CNNVD: CNNVD-200205-101 // NVD: CVE-2002-0237

REFERENCES

url:http://www.securityfocus.com/bid/4025

Trust: 2.7

url:http://www.iss.net/security_center/alerts/advise109.php

Trust: 2.7

url:http://www.iss.net/security_center/static/8058.php

Trust: 2.7

url:http://marc.info/?l=bugtraq&m=101286393404301&w=2

Trust: 2.1

url:http://marc.info/?l=bugtraq&m=101302424803268&w=2

Trust: 2.1

url:http://marc.info/?l=bugtraq&m=101321744807452&w=2

Trust: 2.1

url:http://marc.info/?l=ntbugtraq&m=101353165915171&w=2

Trust: 2.1

url:http://marc.theaimsgroup.com/?l=bugtraq&m=101321744807452&w=2

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=ntbugtraq&m=101353165915171&w=2

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=101302424803268&w=2

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=101286393404301&w=2

Trust: 0.6

url:http://www.networkice.com/products/blackice_defender.html

Trust: 0.3

sources: VULHUB: VHN-4630 // BID: 4025 // CNNVD: CNNVD-200205-101 // NVD: CVE-2002-0237

CREDITS

Matt Taylor※ quisit@quest.net

Trust: 0.6

sources: CNNVD: CNNVD-200205-101

SOURCES

db:VULHUBid:VHN-4630
db:BIDid:4025
db:CNNVDid:CNNVD-200205-101
db:NVDid:CVE-2002-0237

LAST UPDATE DATE

2024-11-22T23:14:57.658000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-4630date:2016-10-18T00:00:00
db:BIDid:4025date:2002-02-04T00:00:00
db:CNNVDid:CNNVD-200205-101date:2005-05-02T00:00:00
db:NVDid:CVE-2002-0237date:2024-11-20T23:38:37.480

SOURCES RELEASE DATE

db:VULHUBid:VHN-4630date:2002-05-29T00:00:00
db:BIDid:4025date:2002-02-04T00:00:00
db:CNNVDid:CNNVD-200205-101date:2002-02-04T00:00:00
db:NVDid:CVE-2002-0237date:2002-05-29T04:00:00