Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote malicious users to execute arbitrary code via an SMB packet containing an authentication request with a long username.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iss blackice agent server 3.6eca |
||
iss realsecure guard 3.6ecb |
||
iss realsecure network 7.0 |
||
iss realsecure sentry 3.6ecf |
||
iss realsecure desktop 3.6eca |
||
iss realsecure desktop 3.6ecf |
||
iss realsecure desktop 7.0ebg |
||
iss realsecure desktop 7.0epk |
||
iss blackice pc protection 3.6cbd |
||
iss blackice server protection 3.6cbz |
||
iss realsecure server sensor 7.0 |
||
iss proventia a series xpu 20.15 |
||
iss proventia g series xpu 22.3 |
||
iss proventia m series xpu 1.30 |