CVE-2004-0193
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
Desbordamiento de búfer basado en la pila en el Módulo de análisis de Protocolos (PAM) de ISS, usado en ciertas versiones de RealSecure Network 7.0 y Server Sensor 7.0, Proventia series A, G, y M, Desktop 7.0 y 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, y BlackICE Server Protection 3.6, permite a atacantes remotos ejecutar código arbitrario mediante un paquete SMB conteniendo una petición de autenticación con un nombre de usuario largo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-03-04 CVE Reserved
- 2004-03-15 CVE Published
- 2024-08-08 CVE Updated
- 2024-09-16 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=107789851117176&w=2 | Mailing List | |
| http://secunia.com/advisories/10988 | Third Party Advisory | |
| http://www.eeye.com/html/Research/Advisories/AD20040226.html | Third Party Advisory | |
| http://www.osvdb.org/4072 | Vdb Entry | |
| http://www.securityfocus.com/bid/9752 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15207 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.kb.cert.org/vuls/id/150326 | 2017-10-10 | |
| http://xforce.iss.net/xforce/alerts/id/165 | 2017-10-10 |
| URL | Date | SRC |
|---|---|---|
| http://www.eeye.com/html/Research/Upcoming/20040213.html | 2017-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Iss Search vendor "Iss" | Blackice Agent Server Search vendor "Iss" for product "Blackice Agent Server" | 3.6eca Search vendor "Iss" for product "Blackice Agent Server" and version "3.6eca" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Blackice Pc Protection Search vendor "Iss" for product "Blackice Pc Protection" | 3.6cbd Search vendor "Iss" for product "Blackice Pc Protection" and version "3.6cbd" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Blackice Server Protection Search vendor "Iss" for product "Blackice Server Protection" | 3.6cbz Search vendor "Iss" for product "Blackice Server Protection" and version "3.6cbz" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Desktop Search vendor "Iss" for product "Realsecure Desktop" | 3.6eca Search vendor "Iss" for product "Realsecure Desktop" and version "3.6eca" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Desktop Search vendor "Iss" for product "Realsecure Desktop" | 3.6ecf Search vendor "Iss" for product "Realsecure Desktop" and version "3.6ecf" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Desktop Search vendor "Iss" for product "Realsecure Desktop" | 7.0ebg Search vendor "Iss" for product "Realsecure Desktop" and version "7.0ebg" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Desktop Search vendor "Iss" for product "Realsecure Desktop" | 7.0epk Search vendor "Iss" for product "Realsecure Desktop" and version "7.0epk" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Guard Search vendor "Iss" for product "Realsecure Guard" | 3.6ecb Search vendor "Iss" for product "Realsecure Guard" and version "3.6ecb" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Network Search vendor "Iss" for product "Realsecure Network" | 7.0 Search vendor "Iss" for product "Realsecure Network" and version "7.0" | xpu_20.15 |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Sentry Search vendor "Iss" for product "Realsecure Sentry" | 3.6ecf Search vendor "Iss" for product "Realsecure Sentry" and version "3.6ecf" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Server Sensor Search vendor "Iss" for product "Realsecure Server Sensor" | 7.0 Search vendor "Iss" for product "Realsecure Server Sensor" and version "7.0" | xpu20.16 |
Affected
| ||||||
| Iss Search vendor "Iss" | Proventia A Series Xpu Search vendor "Iss" for product "Proventia A Series Xpu" | 20.15 Search vendor "Iss" for product "Proventia A Series Xpu" and version "20.15" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Proventia G Series Xpu Search vendor "Iss" for product "Proventia G Series Xpu" | 22.3 Search vendor "Iss" for product "Proventia G Series Xpu" and version "22.3" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Proventia M Series Xpu Search vendor "Iss" for product "Proventia M Series Xpu" | 1.30 Search vendor "Iss" for product "Proventia M Series Xpu" and version "1.30" | - |
Affected
| ||||||