The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote malicious users to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iss realsecure desktop 7.0epk |
||
iss realsecure network 7.0 |
||
iss realsecure server sensor 7.0 |
||
iss blackice pc protection 3.6cpk |
||
iss blackice server protection 3.6cpk |
||
iss proventia desktop 8.0.675.1790 |
||
iss proventia desktop 8.0.812.1790 |
||
iss proventia a series xpu |
||
iss proventia g series xpu |
||
iss proventia m series xpu |
||
iss proventia server 1.0.914.1880 |