CVE-2002-0237
https://notcve.org/view.php?id=CVE-2002-0237
Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. Desbordamiento de búfer en ISS BlackICE Defender 2.9 y anteriores, BlackICE Agente 3.0 y 3.1, y RealSecure Server Sensor 6.01 y 6.5 permiten a atacantes remotos que provoquen una denegación de servicio (caida) y posiblemente ejecutar código arbitrario por medio de un envío masivo de grandes paquetes ping ICMP. • http://marc.info/?l=bugtraq&m=101286393404301&w=2 http://marc.info/?l=bugtraq&m=101302424803268&w=2 http://marc.info/?l=bugtraq&m=101321744807452&w=2 http://marc.info/?l=ntbugtraq&m=101353165915171&w=2 http://www.iss.net/security_center/alerts/advise109.php http://www.iss.net/security_center/static/8058.php http://www.securityfocus.com/bid/4025 •
CVE-2002-1280
https://notcve.org/view.php?id=CVE-2002-1280
Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash). • http://www.isskk.co.jp/support/XPressUpdates/RS/RS65ECSR15RNj.html •
CVE-2001-0669 – Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion
https://notcve.org/view.php?id=CVE-2001-0669
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL. • https://www.exploit-db.com/exploits/21100 http://marc.info/?l=bugtraq&m=99972950200602&w=2 http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml http://www.kb.cert.org/vuls/id/548515 http://www.securityfocus.com/bid/3292 http://xforce.iss.net/alerts/advise95.php •
CVE-2000-0692
https://notcve.org/view.php?id=CVE-2000-0692
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0267.html http://www.securityfocus.com/bid/1597 •
CVE-2000-0562
https://notcve.org/view.php?id=CVE-2000-0562
BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0190.html •