Vulnerabilites related to iss - realsecure_network_sensor
Vulnerability from fkie_nvd
Published
2004-04-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=107965651712378&w=2
cve@mitre.orghttp://secunia.com/advisories/11073
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/o-104.shtml
cve@mitre.orghttp://www.eeye.com/html/Research/Advisories/AD20040318.html
cve@mitre.orghttp://www.kb.cert.org/vuls/id/947254Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.osvdb.org/4355
cve@mitre.orghttp://www.securityfocus.com/bid/9913Exploit, Patch, Vendor Advisory
cve@mitre.orghttp://xforce.iss.net/xforce/alerts/id/166Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/15442
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/15543
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=107965651712378&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11073
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/o-104.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.eeye.com/html/Research/Advisories/AD20040318.html
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/947254Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/4355
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/9913Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://xforce.iss.net/xforce/alerts/id/166Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/15442
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/15543
Impacted products
Vendor Product Version
iss blackice_agent_server 3.6ebz
iss blackice_agent_server 3.6eca
iss blackice_agent_server 3.6ecb
iss blackice_agent_server 3.6ecc
iss blackice_agent_server 3.6ecd
iss blackice_agent_server 3.6ece
iss blackice_agent_server 3.6ecf
iss blackice_pc_protection 3.6cbz
iss blackice_pc_protection 3.6cca
iss blackice_pc_protection 3.6ccb
iss blackice_pc_protection 3.6ccc
iss blackice_pc_protection 3.6ccd
iss blackice_pc_protection 3.6cce
iss blackice_pc_protection 3.6ccf
iss blackice_server_protection 3.6cbz
iss blackice_server_protection 3.6cca
iss blackice_server_protection 3.6ccb
iss blackice_server_protection 3.6ccc
iss blackice_server_protection 3.6ccd
iss blackice_server_protection 3.6cce
iss blackice_server_protection 3.6ccf
iss realsecure_desktop 3.6ebz
iss realsecure_desktop 3.6eca
iss realsecure_desktop 3.6ecb
iss realsecure_desktop 3.6ecd
iss realsecure_desktop 3.6ece
iss realsecure_desktop 3.6ecf
iss realsecure_desktop 7.0eba
iss realsecure_desktop 7.0ebf
iss realsecure_desktop 7.0ebg
iss realsecure_desktop 7.0ebh
iss realsecure_desktop 7.0ebj
iss realsecure_desktop 7.0ebk
iss realsecure_desktop 7.0ebl
iss realsecure_guard 3.6ebz
iss realsecure_guard 3.6eca
iss realsecure_guard 3.6ecb
iss realsecure_guard 3.6ecc
iss realsecure_guard 3.6ecd
iss realsecure_guard 3.6ece
iss realsecure_guard 3.6ecf
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_network_sensor 7.0
iss realsecure_sentry 3.6ebz
iss realsecure_sentry 3.6eca
iss realsecure_sentry 3.6ecb
iss realsecure_sentry 3.6ecc
iss realsecure_sentry 3.6ecd
iss realsecure_sentry 3.6ece
iss realsecure_sentry 3.6ecf
iss realsecure_server_sensor 6.0
iss realsecure_server_sensor 6.0.1
iss realsecure_server_sensor 6.0.1_win_sr1.1
iss realsecure_server_sensor 6.5
iss realsecure_server_sensor 6.5
iss realsecure_server_sensor 6.5
iss realsecure_server_sensor 6.5_win_sr3.1
iss realsecure_server_sensor 6.5_win_sr3.4
iss realsecure_server_sensor 6.5_win_sr3.5
iss realsecure_server_sensor 6.5_win_sr3.6
iss realsecure_server_sensor 6.5_win_sr3.7
iss realsecure_server_sensor 6.5_win_sr3.8
iss realsecure_server_sensor 6.5_win_sr3.9
iss realsecure_server_sensor 6.5_win_sr3.10
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss realsecure_server_sensor 7.0
iss proventia_a_series_xpu 20.11
iss proventia_a_series_xpu 22.1
iss proventia_a_series_xpu 22.2
iss proventia_a_series_xpu 22.3
iss proventia_a_series_xpu 22.4
iss proventia_a_series_xpu 22.5
iss proventia_a_series_xpu 22.6
iss proventia_a_series_xpu 22.7
iss proventia_a_series_xpu 22.8
iss proventia_a_series_xpu 22.9
iss proventia_a_series_xpu 22.10
iss proventia_g_series_xpu 22.1
iss proventia_g_series_xpu 22.2
iss proventia_g_series_xpu 22.3
iss proventia_g_series_xpu 22.4
iss proventia_g_series_xpu 22.5
iss proventia_g_series_xpu 22.6
iss proventia_g_series_xpu 22.7
iss proventia_g_series_xpu 22.8
iss proventia_g_series_xpu 22.9
iss proventia_g_series_xpu 22.10
iss proventia_g_series_xpu 22.11
iss proventia_m_series_xpu 1.1
iss proventia_m_series_xpu 1.2
iss proventia_m_series_xpu 1.3
iss proventia_m_series_xpu 1.4
iss proventia_m_series_xpu 1.5
iss proventia_m_series_xpu 1.6
iss proventia_m_series_xpu 1.7
iss proventia_m_series_xpu 1.8
iss proventia_m_series_xpu 1.9


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "711158F0-20A5-4F74-9F2B-E1D48085CEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "68D71B50-D280-4735-BFFE-2548C3117D70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "083BFA17-FFE4-45AA-A4D1-9543921FB1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecc:*:*:*:*:*:*:*",
              "matchCriteriaId": "F13B990F-CBDC-4007-A85D-D1F320A7DB58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE8DE53-5DA3-423C-977C-61AFF207C9F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB70D11-262D-4017-9C80-D39DD2C6E1F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_agent_server:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "01136FF6-3F16-47F2-9125-94B59BD6759D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D1258B-70B0-4B20-9992-1E5DDD899935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FFB331C-EA1C-4DC6-B699-A4F6AB8FFB7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E52039E-728B-4028-AEB0-9F77EE75B245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*",
              "matchCriteriaId": "F101B85F-C141-4977-885F-C29306BF1C97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*",
              "matchCriteriaId": "5746C7F8-8560-4082-AD73-66DB9D16D619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76034E6-B3B8-4A6A-B6CA-16AA2A8CD854",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A02F0CF-E1C0-43FE-9971-966002A53679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33242A8-7BE6-4A69-A7CC-81BAFC2ADD50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E08CB5-0C90-4AF2-814C-3B4333681575",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A52A4E2-281A-460C-BCCC-00A464BD6270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7DB4F39-B3C9-4AA2-A047-709A5D9B7F84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:*",
              "matchCriteriaId": "4987E532-8729-4BC4-9997-962C32BC6CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47779E2-7BC5-4A5D-AD90-AC226735C631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB1C793-85F6-48EB-8A53-DE8E91271A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "E237D220-5C26-428C-9112-1BBF355292CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2247F3-0287-40DC-8CE8-3D0E15910056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "102A8F85-B009-4217-9F6C-9B5988822B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC8C6E4A-B4B6-4E78-992E-DB98256C39A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD4FD0C8-AC98-44F7-8914-57CE03120014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AE96AD-84D6-4C76-9197-AFCDCC6EA705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0eba:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC82898A-8EF8-4DAC-A6DB-2540D0214502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebf:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B54D56-7F1B-4390-835F-EF6B4B9BF297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F9233FA-D30A-4D0B-9605-CAA119C97CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebh:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3D6113C-1D2C-4502-A6DE-BF2904E535E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebj:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE8756F-6E96-4E03-88A4-595F166A991D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebk:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8094437-D1DD-40BB-8572-10D77ADACE4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0ebl:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16E3E8D-B79A-4747-9CBE-60DEE3634F68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "377798C2-58E5-409E-AC74-7B343F8DB4C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F87C5D-6785-48BF-95C3-0B369FA460B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "31FBC29D-CA61-44D8-A270-46A03A833B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecc:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CD5F2-8C8D-425D-9F00-B3640C53383F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5DA13A-1070-4EF9-A9DE-92A7FA83DAB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "577AEB0F-8644-4125-8A43-CBC82CF44853",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_guard:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "B530CD88-6B32-480C-9603-A25C38D274C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A0F6286-EF98-44BD-8CA6-BAB33544EA64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_20.11:*:*:*:*:*:*",
              "matchCriteriaId": "7A504DCD-CF18-4539-A7CB-EA04BFA81619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.10:*:*:*:*:*:*",
              "matchCriteriaId": "9A191358-1459-4E71-9F12-99D12003E7B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.4:*:*:*:*:*:*",
              "matchCriteriaId": "CC8E40A1-3249-41D5-8B0E-6BCD9DB233D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:7.0:xpu_22.9:*:*:*:*:*:*",
              "matchCriteriaId": "A69442C9-948D-4A9B-9457-EB88264C01E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ebz:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F724DC4-27FB-4A03-821E-42950C29EED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6eca:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F0A7A6F-1D77-4B9A-83D8-65EDA6C03520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecb:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E50FCC4-5C32-4F7E-A344-CAC2AFF8FA25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecc:*:*:*:*:*:*:*",
              "matchCriteriaId": "A52E596F-5C78-4E50-9E47-FA2302338700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecd:*:*:*:*:*:*:*",
              "matchCriteriaId": "E644AD11-6279-45D5-A66D-AA7B2308F698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ece:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48FAF98-BFE6-4217-8C47-56BE3DA99BFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*",
              "matchCriteriaId": "8983BE98-CC42-4B87-931B-31EF6B9AB840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "FDDE63D7-E55B-4835-8743-328F3030F4EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "97C22F7D-EB60-4B78-87AA-1BFA2FA4E515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1_win_sr1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1447560D-A958-4BCC-8115-64F3D04B49D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "D325FA2D-0369-4AA7-B71B-26C4045DE830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.2:windows:*:*:*:*:*",
              "matchCriteriaId": "63582601-9CF4-42B0-B020-DE545C6F6476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:sr3.3:windows:*:*:*:*:*",
              "matchCriteriaId": "E51BF25F-4C02-46FF-BB15-737AE101323A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF470B25-8035-40A4-BBCC-9CEF2D90B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A07C2AA4-15C9-4145-8630-F2BDDD1ADAA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "95ADE273-2B32-45F8-A19A-2B3CF0E3C5E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F4A847C-73E3-4167-A701-5CFA34B41F1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DE03A8A-0BBF-4A00-854E-E5D3AEEA3038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "846E7E1C-D355-41A4-A5DF-0ED7D36CB606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B921BE08-18CB-410F-9FBF-378B345BB632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.5_win_sr3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A0A43B-1C18-4865-81EC-94823FA327D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.1:*:*:*:*:*:*",
              "matchCriteriaId": "50DDAB1D-D84D-41B4-BE61-B031F85BAA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.10:*:*:*:*:*:*",
              "matchCriteriaId": "345F0C75-D471-47AB-90B2-F0E6E08D65D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.11:*:*:*:*:*:*",
              "matchCriteriaId": "982C0194-9C25-4731-9EC2-F5292E596D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.2:*:*:*:*:*:*",
              "matchCriteriaId": "AD295E17-E4EB-41FC-A8FA-E463EF2CB33A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.3:*:*:*:*:*:*",
              "matchCriteriaId": "3AE17062-3422-4684-B5B4-29410B03A16A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.4:*:*:*:*:*:*",
              "matchCriteriaId": "6E854CC4-B8A6-4565-BA20-307C4B598409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.5:*:*:*:*:*:*",
              "matchCriteriaId": "CEC8903E-54DB-4AFF-98EB-50DD7E989685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.6:*:*:*:*:*:*",
              "matchCriteriaId": "679594CC-1517-44C1-9A27-6D3041D94F25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.7:*:*:*:*:*:*",
              "matchCriteriaId": "E86D698A-867A-49D2-81A0-E9001F7CAEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.8:*:*:*:*:*:*",
              "matchCriteriaId": "8174C7C5-91E0-4A1F-9A4B-6BDABA04E76C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu22.9:*:*:*:*:*:*",
              "matchCriteriaId": "38CA54FF-3A3F-4994-82C3-B07D316375D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:20.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "539881F0-EBAC-46DC-9CFB-61EC25D5E081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB5CCAC-7E1E-4CCB-9233-9FBF0BC1CC9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9316064A-EE65-4444-AEA7-9820CAA725CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B123819-8C67-4163-BB2B-EB25F85D9B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "64225CAB-B26C-42DB-B73E-D561AE98DE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5C9774-043D-40C7-B8A1-A054893CF32B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7036D0-11EC-4DF1-89C5-A4CAE1F2EADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7851B0FE-865B-4B98-BC9A-0F9F33B919FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8B4BFA-24A1-4912-BF8F-BC1B34B7CF23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF13B73-03B1-4293-BDD5-531D27194BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:22.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA1B66A-68FA-4D7B-9F84-2F246AF02BF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34C4BE13-2464-4503-95B0-DAAB6456DE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "48849D08-AEFB-4803-8BBE-3B26DA3AA2AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C3D5C60-1E1C-4831-895A-7C28D279FFF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC28B6F-D51D-45D6-8255-6B51E9AE3F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7C23B03-7173-4548-926E-DADA3CCF5C71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2D006B-9F5B-40CC-991D-A7791D8ED195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2C7B52-9341-4F88-B4D6-751573AB7A3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC9EFA94-5658-4AB0-9F81-9B5ED9F2002C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FFBAF4-558B-410E-A655-97B769656191",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9083295-15FE-4965-9C0D-3663FBA4E769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:22.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "748C02A3-71AE-4E3F-9C60-981E01CEDD50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76485FF8-4187-4934-994C-440B252B2A8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D62AAB-5111-4C77-B1DE-B0EAB27EA8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CEE521-AF0A-4210-A1DD-DF988287F989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D704A967-4032-4C23-A63E-ADCC31BB6ED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E97E44BD-5424-48FD-A1BF-C5F616A045BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9778EC91-CCD8-403E-BE74-50E19FF807B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "76715627-E34C-4F04-9174-C20E3218607C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAC74BF9-531D-415F-915A-06423E4EB6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC5E128-9F84-4712-903A-3AEB347F3BF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basado en la pila en las rutinas de an\u00e1lisis de ICQ en el componente ISS Protocol Analysis Module (PAM), utilizado en varios productos RealSecure, Proventia y BlackICE, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un respuesta SRV_MULTI conteniendo un paquete de respuesta SRV_USER_ONLINE y un paquete de respuesta SRV_META_USER con campos 1) nickname, (2) firstname, (3) lastname, o (4) email largos, como son explotados por el gusanto \u0027Witty\u0027."
    }
  ],
  "id": "CVE-2004-0362",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-04-15T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11073"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/947254"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/4355"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9913"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/166"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/947254"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/4355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2001-10-30 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=99972950200602&w=2
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/548515US Government Resource
cve@mitre.orghttp://www.securityfocus.com/bid/3292
cve@mitre.orghttp://xforce.iss.net/alerts/advise95.phpPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=99972950200602&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/548515US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/3292
af854a3a-2127-422b-91ae-364da2661108http://xforce.iss.net/alerts/advise95.phpPatch, Vendor Advisory
Impacted products
Vendor Product Version
cisco catalyst_6000_intrusion_detection_system_module *
cisco secure_intrusion_detection_system *
iss realsecure_network_sensor 5.x
iss realsecure_network_sensor 6.x
iss realsecure_server_sensor 5.5
iss realsecure_server_sensor 6.0
snort snort 1.8.1
enterasys dragon 4.x


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_6000_intrusion_detection_system_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "670E75BE-D3CB-4BA7-BF17-F4CEFBA668D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_intrusion_detection_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77012AED-148F-422C-AB0C-DBD7BB1D3493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:5.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D349D6-057D-459C-861B-FF9BE193A3D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network_sensor:6.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D78D55-2486-48C6-8766-D933328F585A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC67A95B-3CCF-469F-98C2-8D8C7B2E0F91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42507EA0-009C-466B-A4AD-F7C050682F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D3E0FE-0557-4B8F-A97B-1FBE6030C8CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:enterasys:dragon:4.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE293CA-7874-4B54-8516-AF3469A3440D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard \"%u\" Unicode encoding of ASCII characters in the requested URL."
    }
  ],
  "id": "CVE-2001-0669",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-10-30T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=99972950200602\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/548515"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/3292"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/alerts/advise95.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=99972950200602\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/548515"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/3292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/alerts/advise95.php"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2004-0362 (GCVE-0-2004-0362)
Vulnerability from cvelistv5
Published
2004-03-23 05:00
Modified
2024-08-08 00:17
Severity ?
CWE
  • n/a
Summary
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
References
http://xforce.iss.net/xforce/alerts/id/166 third-party-advisory, x_refsource_ISS
http://www.securityfocus.com/bid/9913 vdb-entry, x_refsource_BID
http://secunia.com/advisories/11073 third-party-advisory, x_refsource_SECUNIA
http://www.ciac.org/ciac/bulletins/o-104.shtml third-party-advisory, government-resource, x_refsource_CIAC
http://www.eeye.com/html/Research/Advisories/AD20040318.html third-party-advisory, x_refsource_EEYE
https://exchange.xforce.ibmcloud.com/vulnerabilities/15442 vdb-entry, x_refsource_XF
http://www.osvdb.org/4355 vdb-entry, x_refsource_OSVDB
http://www.kb.cert.org/vuls/id/947254 third-party-advisory, x_refsource_CERT-VN
http://marc.info/?l=bugtraq&m=107965651712378&w=2 mailing-list, x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/15543 vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:14.262Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/xforce/alerts/id/166"
          },
          {
            "name": "9913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9913"
          },
          {
            "name": "11073",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11073"
          },
          {
            "name": "O-104",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
          },
          {
            "name": "AD20040318",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
          },
          {
            "name": "pam-icq-parsing-bo(15442)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
          },
          {
            "name": "4355",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/4355"
          },
          {
            "name": "VU#947254",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/947254"
          },
          {
            "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
          },
          {
            "name": "witty-worm-propagation(15543)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-03-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/xforce/alerts/id/166"
        },
        {
          "name": "9913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9913"
        },
        {
          "name": "11073",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11073"
        },
        {
          "name": "O-104",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
        },
        {
          "name": "AD20040318",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
        },
        {
          "name": "pam-icq-parsing-bo(15442)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
        },
        {
          "name": "4355",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/4355"
        },
        {
          "name": "VU#947254",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/947254"
        },
        {
          "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
        },
        {
          "name": "witty-worm-propagation(15543)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0362",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/xforce/alerts/id/166"
            },
            {
              "name": "9913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9913"
            },
            {
              "name": "11073",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11073"
            },
            {
              "name": "O-104",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
            },
            {
              "name": "AD20040318",
              "refsource": "EEYE",
              "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
            },
            {
              "name": "pam-icq-parsing-bo(15442)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
            },
            {
              "name": "4355",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/4355"
            },
            {
              "name": "VU#947254",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/947254"
            },
            {
              "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
            },
            {
              "name": "witty-worm-propagation(15543)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0362",
    "datePublished": "2004-03-23T05:00:00",
    "dateReserved": "2004-03-18T00:00:00",
    "dateUpdated": "2024-08-08T00:17:14.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2001-0669 (GCVE-0-2001-0669)
Vulnerability from cvelistv5
Published
2001-10-12 04:00
Modified
2024-08-08 04:30
Severity ?
CWE
  • n/a
Summary
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
References
http://www.kb.cert.org/vuls/id/548515 third-party-advisory, x_refsource_CERT-VN
http://www.securityfocus.com/bid/3292 vdb-entry, x_refsource_BID
http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml vendor-advisory, x_refsource_CISCO
http://xforce.iss.net/alerts/advise95.php third-party-advisory, x_refsource_ISS
http://marc.info/?l=bugtraq&m=99972950200602&w=2 mailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:30:06.065Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#548515",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/548515"
          },
          {
            "name": "3292",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3292"
          },
          {
            "name": "20010905 Cisco Secure Intrusion Detection System Signature Obfuscation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml"
          },
          {
            "name": "20010905 Multiple Vendor IDS Unicode Bypass Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/alerts/advise95.php"
          },
          {
            "name": "20010905 %u encoding IDS bypass vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=99972950200602\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-09-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard \"%u\" Unicode encoding of ASCII characters in the requested URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#548515",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/548515"
        },
        {
          "name": "3292",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3292"
        },
        {
          "name": "20010905 Cisco Secure Intrusion Detection System Signature Obfuscation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml"
        },
        {
          "name": "20010905 Multiple Vendor IDS Unicode Bypass Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/alerts/advise95.php"
        },
        {
          "name": "20010905 %u encoding IDS bypass vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=99972950200602\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0669",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard \"%u\" Unicode encoding of ASCII characters in the requested URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#548515",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/548515"
            },
            {
              "name": "3292",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3292"
            },
            {
              "name": "20010905 Cisco Secure Intrusion Detection System Signature Obfuscation Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml"
            },
            {
              "name": "20010905 Multiple Vendor IDS Unicode Bypass Vulnerability",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/alerts/advise95.php"
            },
            {
              "name": "20010905 %u encoding IDS bypass vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=99972950200602\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0669",
    "datePublished": "2001-10-12T04:00:00",
    "dateReserved": "2001-08-27T00:00:00",
    "dateUpdated": "2024-08-08T04:30:06.065Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}