Sign-up

ID

VAR-200404-0032


CVE

CVE-2004-0362


TITLE

Internet Security Systems Protocol Analysis Module (PAM) does not properly handle ICQ server response messages

Trust: 0.8

sources: CERT/CC: VU#947254

DESCRIPTION

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm. The Protocol Analysis Module (PAM) used by Internet Security Systems (ISS) intrusion detection and prevention products does not properly handle ICQ server response messages. An unauthenticated, remote attacker could execute arbitrary code by sending a specially crafted UDP packet. This issue exists due to insufficient bounds checking performed on certain unspecified ICQ protocol fields supplied in ICQ response data. This attack would occur in the context of the vulnerable process. This module is used to parse network protocols and is included in a number of products provided by ISS, including various RealSecure and BlackICE releases. To call these affected functions, an attacker simply needs to construct an SRV_USER_ONLINE reply containing two nested reply packets. Attackers can forge data frames and send them to networks, devices, and hosts protected by ISS products

Trust: 2.7

sources: NVD: CVE-2004-0362 // CERT/CC: VU#947254 // JVNDB: JVNDB-2004-000089 // BID: 9913 // VULHUB: VHN-8792

AFFECTED PRODUCTS

vendor:issmodel:proventia a series xpuscope:eqversion:22.1

Trust: 1.6

vendor:issmodel:proventia a series xpuscope:eqversion:20.11

Trust: 1.6

vendor:issmodel:proventia g series xpuscope:eqversion:22.2

Trust: 1.6

vendor:issmodel:realsecure server sensorscope:eqversion:7.0

Trust: 1.6

vendor:issmodel:proventia g series xpuscope:eqversion:22.3

Trust: 1.6

vendor:issmodel:realsecure network sensorscope:eqversion:7.0

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6ccf

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.1

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.4

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6eca

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.4

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.6

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.3

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6ecc

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.9

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.0.1_win_sr1.1

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6cce

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.2

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.5

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:3.6ecf

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.3

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6cbz

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.8

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6cbz

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6ecc

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:3.6ece

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6ccc

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6ecc

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6cca

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6ccd

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6ecf

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0ebf

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.6

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.7

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6ccb

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:3.6ecd

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.9

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.6

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.5

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.4

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.10

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.11

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6ecd

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6eca

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6ecb

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0ebh

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6ebz

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0eba

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0ebg

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6ccf

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.4

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.7

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.7

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6eca

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6ecb

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6ebz

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6ecb

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6ebz

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6cce

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0ebk

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.7

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.1

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.9

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.0.1

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.10

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.2

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.5

Trust: 1.0

vendor:issmodel:blackice pc protectionscope:eqversion:3.6ccc

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6ecf

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.6

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.8

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6cca

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0ebl

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6ccd

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6ece

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6ecf

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.1

Trust: 1.0

vendor:issmodel:blackice server protectionscope:eqversion:3.6ccb

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.0

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6ece

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:7.0ebj

Trust: 1.0

vendor:issmodel:blackice agent serverscope:eqversion:3.6ece

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.8

Trust: 1.0

vendor:issmodel:realsecure guardscope:eqversion:3.6ecd

Trust: 1.0

vendor:issmodel:proventia a series xpuscope:eqversion:22.10

Trust: 1.0

vendor:issmodel:realsecure server sensorscope:eqversion:6.5_win_sr3.5

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:3.6eca

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:3.6ecb

Trust: 1.0

vendor:issmodel:realsecure desktopscope:eqversion:3.6ebz

Trust: 1.0

vendor:issmodel:realsecure sentryscope:eqversion:3.6ecd

Trust: 1.0

vendor:issmodel:proventia g series xpuscope:eqversion:22.8

Trust: 1.0

vendor:issmodel:proventia m series xpuscope:eqversion:1.9

Trust: 1.0

vendor:internet securitymodel: - scope: - version: -

Trust: 0.8

vendor:the internet securitymodel:blackice agent for serverscope:eqversion:3.6 ecf before

Trust: 0.8

vendor:the internet securitymodel:blackice pc protectionscope:eqversion:3.6 ccf before

Trust: 0.8

vendor:the internet securitymodel:blackice server protectionscope:eqversion:3.6 ccf before

Trust: 0.8

vendor:the internet securitymodel:proventia a seriesscope:eqversion:xpu 22.11 before

Trust: 0.8

vendor:the internet securitymodel:proventia g seriesscope:eqversion:xpu 22.11 before

Trust: 0.8

vendor:the internet securitymodel:proventia m seriesscope:eqversion:xpu 1.9 before

Trust: 0.8

vendor:the internet securitymodel:realsecure desktopscope:eqversion:3.6 ecf before

Trust: 0.8

vendor:the internet securitymodel:realsecure desktopscope:eqversion:7.0 ebl before

Trust: 0.8

vendor:the internet securitymodel:realsecure guardscope:eqversion:3.6 ecf before

Trust: 0.8

vendor:the internet securitymodel:realsecure network sensorscope:eqversion:7.0

Trust: 0.8

vendor:the internet securitymodel:realsecure network sensorscope:eqversion:xpu 22.11 before

Trust: 0.8

vendor:the internet securitymodel:realsecure sentryscope:eqversion:3.6 ecf before

Trust: 0.8

vendor:the internet securitymodel:realsecure server sensorscope:eqversion:6.5 for windows sr 3.10 before

Trust: 0.8

vendor:the internet securitymodel:realsecure server sensorscope:eqversion:7.0

Trust: 0.8

vendor:the internet securitymodel:realsecure server sensorscope:eqversion:xpu 22.11 before

Trust: 0.8

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.9

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.8

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.7

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.6

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.4

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.3

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.2

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.11

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.10

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:eqversion:7.022.1

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.9scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.8scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.7scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.6scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.5scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.4scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.3scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.2scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.10scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.1scope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor winscope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr1.1scope:eqversion:6.0.1

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor winscope:eqversion:6.0.1

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor winscope:eqversion:6.0

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry ecdscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry ecfscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry ecescope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry eccscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry ecbscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry ecascope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure sentry ebzscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:7.022.4

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:7.022.9

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:7.022.10

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:7.020.11

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensorscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ecdscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ecfscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ecescope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure guard eccscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ecbscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ecascope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ebzscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop eblscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebkscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebjscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebhscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebgscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebfscope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebascope:eqversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ecfscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ecescope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ecdscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ecbscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ecascope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebzscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.9

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.8

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.7

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.6

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.5

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.4

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.3

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.2

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:eqversion:1.1

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.9

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.10

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:20.11

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.8

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.7

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.6

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.5

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.4

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.3

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.2

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:eqversion:22.1

Trust: 0.3

vendor:internetmodel:security systems blackice server protection ccfscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice server protection ccescope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice server protection ccdscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice server protection cccscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice server protection ccbscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice server protection ccascope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice server protection cbzscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection ccfscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection ccescope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection ccdscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection cccscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection ccbscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection ccascope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection .cbzscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ecfscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ecescope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ecdscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server eccscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ecbscope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ecascope:eqversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ebzscope:eqversion:3.6

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.9

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.8

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.7

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.6

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.5

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.4

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.3

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.2

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.11

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.10

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:eqversion:22.1

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor xpuscope:neversion:7.022.12

Trust: 0.3

vendor:internetmodel:security systems realsecure server sensor win sr3.11scope:neversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:neversion:7.020.12

Trust: 0.3

vendor:internetmodel:security systems realsecure guard ecgscope:neversion:3.6

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ebmscope:neversion:7.0

Trust: 0.3

vendor:internetmodel:security systems realsecure desktop ecgscope:neversion:3.6

Trust: 0.3

vendor:internetmodel:security systems proventia m series xpuscope:neversion:1.10

Trust: 0.3

vendor:internetmodel:security systems proventia a series xpuscope:neversion:20.12

Trust: 0.3

vendor:internetmodel:security systems blackice server protection ccgscope:neversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice pc protection ccgscope:neversion:3.6

Trust: 0.3

vendor:internetmodel:security systems blackice agent for server ecgscope:neversion:3.6

Trust: 0.3

vendor:ibmmodel:proventia g series xpuscope:neversion:22.12

Trust: 0.3

sources: CERT/CC: VU#947254 // BID: 9913 // JVNDB: JVNDB-2004-000089 // CNNVD: CNNVD-200404-038 // NVD: CVE-2004-0362

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0362
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#947254
value: 30.44

Trust: 0.8

NVD: CVE-2004-0362
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200404-038
value: HIGH

Trust: 0.6

VULHUB: VHN-8792
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-0362
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-8792
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#947254 // VULHUB: VHN-8792 // JVNDB: JVNDB-2004-000089 // CNNVD: CNNVD-200404-038 // NVD: CVE-2004-0362

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0362

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200404-038

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200404-038

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2004-000089

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-8792

PATCH
title:167url:http://xforce.iss.net/xforce/alerts/id/167
Trust: 0.8
title:166url:http://xforce.iss.net/xforce/alerts/id/166
Trust: 0.8
title:ICQ_ISS_166url:http://www.isskk.co.jp/support/techinfo/general/ICQ_ISS_166.html
Trust: 0.8
title:Witty_167url:http://www.isskk.co.jp/support/techinfo/general/Witty_167.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2004-000089

EXTERNAL IDS
db:BIDid:9913
Trust: 3.6
db:CERT/CCid:VU#947254
Trust: 3.3
db:SECUNIAid:11073
Trust: 2.5
db:OSVDBid:4355
Trust: 2.5
db:NVDid:CVE-2004-0362
Trust: 2.5
db:XFid:15442
Trust: 1.4
db:XFid:15543
Trust: 1.4
db:JVNDBid:JVNDB-2004-000089
Trust: 0.8
db:CNNVDid:CNNVD-200404-038
Trust: 0.7
db:BUGTRAQid:20040318 EEYE: INTERNET SECURITY SYSTEMS PAM ICQ SERVER RESPONSE PROCESSING VULNERABILITY
Trust: 0.6
db:ISSid:20040318 VULNERABILITY IN ICQ PARSING IN ISS PRODUCTS
Trust: 0.6
db:EEYEid:AD20040318
Trust: 0.6
db:CIACid:O-104
Trust: 0.6
db:PACKETSTORMid:83212
Trust: 0.1
db:EXPLOIT-DBid:168
Trust: 0.1
db:EXPLOIT-DBid:16464
Trust: 0.1
db:SEEBUGid:SSVID-88874
Trust: 0.1
db:SEEBUGid:SSVID-70978
Trust: 0.1
db:VULHUBid:VHN-8792
Trust: 0.1
sources:
            
            
            CERT/CC: VU#947254 // 
            
            
            
            VULHUB: VHN-8792 // 
            
            
            
            BID: 9913 // 
            
            
            
            JVNDB: JVNDB-2004-000089 // 
            
            
            
            CNNVD: CNNVD-200404-038 // 
            
            
            
            NVD: CVE-2004-0362

REFERENCES
url:http://xforce.iss.net/xforce/alerts/id/166
Trust: 3.6
url:http://www.securityfocus.com/bid/9913
Trust: 3.3
url:http://www.eeye.com/html/research/advisories/ad20040318.html
Trust: 2.8
url:http://www.kb.cert.org/vuls/id/947254
Trust: 2.5
url:http://www.ciac.org/ciac/bulletins/o-104.shtml
Trust: 2.5
url:http://www.osvdb.org/4355
Trust: 2.5
url:http://xforce.iss.net/xforce/alerts/id/167
Trust: 1.9
url:http://secunia.com/advisories/11073
Trust: 1.7
url:http://xforce.iss.net/xforce/xfdb/15543
Trust: 1.4
url:http://xforce.iss.net/xforce/xfdb/15442
Trust: 1.4
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/15442
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/15543
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=107965651712378&w=2
Trust: 1.0
url:http://www.eeye.com/html/research/upcoming/20040308.html
Trust: 0.8
url:http://www.iss.net/download/
Trust: 0.8
url:http://secunia.com/advisories/11073/
Trust: 0.8
url:http://www.caida.org/research/security/witty/
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0362
Trust: 0.8
url:http://jvn.jp/tr/trciac-o-104
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0362
Trust: 0.8
url:http://www.isskk.co.jp/support/techinfo/general/icq_iss_166.html
Trust: 0.8
url:http://www.isskk.co.jp/support/techinfo/general/witty_167.html
Trust: 0.8
url:http://marc.theaimsgroup.com/?l=bugtraq&m=107965651712378&w=2
Trust: 0.6
url:http://support.coresecurity.com/impact/exploits/cf012333dc243844422b2f4849ac394c.html
Trust: 0.3
url:/archive/1/357916
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=107965651712378&w=2
Trust: 0.1
sources:
            
            
            CERT/CC: VU#947254 // 
            
            
            
            VULHUB: VHN-8792 // 
            
            
            
            BID: 9913 // 
            
            
            
            JVNDB: JVNDB-2004-000089 // 
            
            
            
            CNNVD: CNNVD-200404-038 // 
            
            
            
            NVD: CVE-2004-0362

CREDITS
eEye info@eEye.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200404-038

SOURCES
db:CERT/CCid:VU#947254
db:VULHUBid:VHN-8792
db:BIDid:9913
db:JVNDBid:JVNDB-2004-000089
db:CNNVDid:CNNVD-200404-038
db:NVDid:CVE-2004-0362

LAST UPDATE DATE
2024-08-14T14:48:11.422000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#947254date:2009-06-12T00:00:00
db:VULHUBid:VHN-8792date:2017-07-11T00:00:00
db:BIDid:9913date:2004-03-18T00:00:00
db:JVNDBid:JVNDB-2004-000089date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200404-038date:2006-06-15T00:00:00
db:NVDid:CVE-2004-0362date:2017-07-11T01:30:06.120

SOURCES RELEASE DATE
db:CERT/CCid:VU#947254date:2004-03-20T00:00:00
db:VULHUBid:VHN-8792date:2004-04-15T00:00:00
db:BIDid:9913date:2004-03-18T00:00:00
db:JVNDBid:JVNDB-2004-000089date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200404-038date:2004-03-18T00:00:00
db:NVDid:CVE-2004-0362date:2004-04-15T04:00:00