CVE-2006-3840
First published: Thu Jul 27 2006(Updated: )
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISS RealSecure Server Sensor | =7.0 | |
| Iss Proventia Desktop | =8.0.675.1790 | |
| Iss Blackice Server Protection | =3.6cpk | |
| ISS BlackICE PC Protection | =3.6cpk | |
| Iss Proventia Desktop | =8.0.812.1790 | |
| Iss Realsecure Network | =7.0 | |
| Iss Realsecure Desktop | =7.0epk | |
| Iss Proventia G Series Xpu | ||
| Iss Proventia A Series Xpu | ||
| Iss Proventia M Series Xpu | ||
| Iss Proventia Server | =1.0.914.1880 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630
- http://xforce.iss.net/xforce/alerts/id/230
- http://www.nsfocus.com/english/homepage/research/0607.htm
- http://www.securityfocus.com/bid/19178
- http://securitytracker.com/id?1016592
- http://securitytracker.com/id?1016590
- http://securitytracker.com/id?1016591
- http://secunia.com/advisories/21219
- http://www.vupen.com/english/advisories/2006/2996
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27965
- http://www.securityfocus.com/archive/1/441278/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/iss
- canonical/iss realsecure server sensor
- version/iss realsecure server sensor/7.0
- canonical/iss proventia desktop
- version/iss proventia desktop/8.0.675.1790
- canonical/iss blackice server protection
- version/iss blackice server protection/3.6cpk
- canonical/iss blackice pc protection
- version/iss blackice pc protection/3.6cpk
- version/iss proventia desktop/8.0.812.1790
- canonical/iss realsecure network
- version/iss realsecure network/7.0
- canonical/iss realsecure desktop
- version/iss realsecure desktop/7.0epk
- canonical/iss proventia g series xpu
- canonical/iss proventia a series xpu
- canonical/iss proventia m series xpu
- canonical/iss proventia server
- version/iss proventia server/1.0.914.1880