CVE-2004-0193: Buffer Overflow
First published: Mon Mar 15 2004(Updated: )
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Iss Realsecure Desktop | =7.0ebg | |
| ISS RealSecure | =3.6ecb | |
| ISS RealSecure Sentry | =3.6ecf | |
| ISS RealSecure | =7.0-xpu20.16 | |
| Iss Realsecure Desktop | =3.6ecf | |
| IBM ISS BlackICE PC Protection | =3.6cbd | |
| IBM ISS BlackICE Agent Server | =3.6eca | |
| ISS RealSecure Network | =7.0-xpu_20.15 | |
| ISS BlackICE Server Protection | =3.6cbz | |
| Iss Realsecure Desktop | =3.6eca | |
| Iss Realsecure Desktop | =7.0epk | |
| IBM Proventia G Series XPU | =22.3 | |
| IBM Proventia M Series Xpu | =1.30 | |
| IBM Proventia A Series XPU | =20.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.eeye.com/html/Research/Upcoming/20040213.html
- http://xforce.iss.net/xforce/alerts/id/165
- http://www.kb.cert.org/vuls/id/150326
- http://www.eeye.com/html/Research/Advisories/AD20040226.html
- http://www.securityfocus.com/bid/9752
- http://www.osvdb.org/4072
- http://secunia.com/advisories/10988
- http://marc.info/?l=bugtraq&m=107789851117176&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15207
Frequently Asked Questions
What is the severity of CVE-2004-0193?
CVE-2004-0193 has a high severity due to the potential for remote code execution through heap-based buffer overflow.
How do I fix CVE-2004-0193?
To fix CVE-2004-0193, ensure you apply the latest security patches for the affected ISS products.
Which products are affected by CVE-2004-0193?
CVE-2004-0193 affects various versions of ISS RealSecure and BlackICE products, including 7.0 and 3.6.
What is the exploit type for CVE-2004-0193?
The exploit type for CVE-2004-0193 is a heap-based buffer overflow.
Can CVE-2004-0193 be exploited remotely?
Yes, CVE-2004-0193 can be exploited remotely, allowing attackers to execute arbitrary code.
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/iss
- canonical/iss realsecure desktop
- version/iss realsecure desktop/7.0ebg
- canonical/iss realsecure
- version/iss realsecure/3.6ecb
- canonical/iss realsecure sentry
- version/iss realsecure sentry/3.6ecf
- version/iss realsecure/7.0-xpu20.16
- version/iss realsecure desktop/3.6ecf
- canonical/ibm iss blackice pc protection
- version/ibm iss blackice pc protection/3.6cbd
- canonical/ibm iss blackice agent server
- version/ibm iss blackice agent server/3.6eca
- canonical/iss realsecure network
- version/iss realsecure network/7.0-xpu_20.15
- canonical/iss blackice server protection
- version/iss blackice server protection/3.6cbz
- version/iss realsecure desktop/3.6eca
- version/iss realsecure desktop/7.0epk
- canonical/ibm proventia g series xpu
- version/ibm proventia g series xpu/22.3
- canonical/ibm proventia m series xpu
- version/ibm proventia m series xpu/1.30
- canonical/ibm proventia a series xpu
- version/ibm proventia a series xpu/20.15