CVE-2006-3840 (GCVE-0-2006-3840)

Vulnerability from cvelistv5 – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://iss.custhelp.com/cgi-bin/iss.cfg/php/endu…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/441278/100…	mailing-listx_refsource_BUGTRAQ
	http://www.nsfocus.com/english/homepage/research/…	x_refsource_MISC
	http://secunia.com/advisories/21219	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/2996	vdb-entryx_refsource_VUPEN
	http://securitytracker.com/id?1016592	vdb-entryx_refsource_SECTRACK
	http://xforce.iss.net/xforce/alerts/id/230	third-party-advisoryx_refsource_ISS
	http://www.securityfocus.com/bid/19178	vdb-entryx_refsource_BID
	http://securitytracker.com/id?1016590	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1016591	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:39.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
          },
          {
            "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
          },
          {
            "name": "21219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21219"
          },
          {
            "name": "ADV-2006-2996",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2996"
          },
          {
            "name": "1016592",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016592"
          },
          {
            "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/xforce/alerts/id/230"
          },
          {
            "name": "19178",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19178"
          },
          {
            "name": "1016590",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016590"
          },
          {
            "name": "pam-smb-mailslot-dos(27965)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
          },
          {
            "name": "1016591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016591"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
        },
        {
          "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
        },
        {
          "name": "21219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21219"
        },
        {
          "name": "ADV-2006-2996",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2996"
        },
        {
          "name": "1016592",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016592"
        },
        {
          "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/xforce/alerts/id/230"
        },
        {
          "name": "19178",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19178"
        },
        {
          "name": "1016590",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016590"
        },
        {
          "name": "pam-smb-mailslot-dos(27965)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
        },
        {
          "name": "1016591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016591"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3840",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
              "refsource": "CONFIRM",
              "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
            },
            {
              "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
            },
            {
              "name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
              "refsource": "MISC",
              "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
            },
            {
              "name": "21219",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21219"
            },
            {
              "name": "ADV-2006-2996",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2996"
            },
            {
              "name": "1016592",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016592"
            },
            {
              "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/xforce/alerts/id/230"
            },
            {
              "name": "19178",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19178"
            },
            {
              "name": "1016590",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016590"
            },
            {
              "name": "pam-smb-mailslot-dos(27965)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
            },
            {
              "name": "1016591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016591"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3840",
    "datePublished": "2006-07-27T10:00:00",
    "dateReserved": "2006-07-25T00:00:00",
    "dateUpdated": "2024-08-07T18:48:39.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"643BC973-847D-43EB-A1BE-356C36F61123\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22CCE20A-E955-4630-9D6A-FBEF9DE5595B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1538F0E9-E5B9-4D2D-B5FC-084DFB9A2899\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27D878CE-7CB9-4A24-B836-4E14447F53B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3CEB52E-9D4F-456A-A0C9-38E9D5FB6770\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:realsecure_network:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8282F03-33D2-4545-9E36-3FC0EB6B291F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:iss:realsecure_server_sensor:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"216E89B1-4096-487C-AB3A-79FF2FAE523B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:iss:proventia_a_series_xpu:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDCF39B2-42A9-4B6E-B70B-0DA8D61E1ED1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:iss:proventia_g_series_xpu:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA4C8341-4801-4751-88EB-1F5048C49778\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:iss:proventia_m_series_xpu:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F4318C6-AF27-4099-AAE9-3DDC6DA202FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:iss:proventia_server:1.0.914.1880:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EDE7886-53E6-4E97-A6ED-F97CF31714C3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.\"}, {\"lang\": \"es\", \"value\": \"La funcionalidad SMB Mailslot en PAM en m\\u00faltiples productos ISS con XPU (24.39/1.78/epj/x.x.x.1780), incluyendo Proventia A, G, M, Server, y Desktop, BlackICE PC y Server Protection 3.6, y RealSecure 7.0,permiten a atacantes remotos provocar denegaci\\u00f3n de servicio (bucle infinito) a trav\\u00e9s de paquetes SMB manipulados que no son manejados adecuadamente por el decodificador SMB_Mailslot_Heap_Overflow.\"}]",
      "id": "CVE-2006-3840",
      "lastModified": "2024-11-21T00:14:33.027",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-07-27T11:04:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/21219\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1016590\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016591\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016592\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.nsfocus.com/english/homepage/research/0607.htm\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/441278/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/19178\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2996\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/230\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27965\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/21219\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1016590\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016591\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016592\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.nsfocus.com/english/homepage/research/0607.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/441278/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/19178\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2996\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27965\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3840\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-27T11:04:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.\"},{\"lang\":\"es\",\"value\":\"La funcionalidad SMB Mailslot en PAM en m\u00faltiples productos ISS con XPU (24.39/1.78/epj/x.x.x.1780), incluyendo Proventia A, G, M, Server, y Desktop, BlackICE PC y Server Protection 3.6, y RealSecure 7.0,permiten a atacantes remotos provocar denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de paquetes SMB manipulados que no son manejados adecuadamente por el decodificador SMB_Mailslot_Heap_Overflow.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643BC973-847D-43EB-A1BE-356C36F61123\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22CCE20A-E955-4630-9D6A-FBEF9DE5595B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1538F0E9-E5B9-4D2D-B5FC-084DFB9A2899\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D878CE-7CB9-4A24-B836-4E14447F53B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3CEB52E-9D4F-456A-A0C9-38E9D5FB6770\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:realsecure_network:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8282F03-33D2-4545-9E36-3FC0EB6B291F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iss:realsecure_server_sensor:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"216E89B1-4096-487C-AB3A-79FF2FAE523B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:iss:proventia_a_series_xpu:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDCF39B2-42A9-4B6E-B70B-0DA8D61E1ED1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:iss:proventia_g_series_xpu:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4C8341-4801-4751-88EB-1F5048C49778\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:iss:proventia_m_series_xpu:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F4318C6-AF27-4099-AAE9-3DDC6DA202FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:iss:proventia_server:1.0.914.1880:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EDE7886-53E6-4E97-A6ED-F97CF31714C3\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/21219\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016590\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016591\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016592\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.nsfocus.com/english/homepage/research/0607.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/441278/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/19178\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2996\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/230\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27965\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016592\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.nsfocus.com/english/homepage/research/0607.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/441278/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27965\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200607-0397

Vulnerability from variot - Updated: 2023-12-18 13:45

The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. ISS The product includes 2006 Year 7 Monthly release XPU include "SMB_MailSlot_Heap_Overflow" Defect in decoding, certain legitimate SMB Mailslot When analyzing traffic, Protocol Analysis Module (PAM) Engine stops responding to subsequent traffic and disrupts service operation (DoS) There is a vulnerability that becomes a condition.ISS Protection product interferes with service operation (DoS) It may be in a state. The Internet Security Systems implementation of SMB/TCP Mailslot is prone to a denial-of-service vulnerability. This issue is due to a design error when dealing with certain legitimate SMB Mailslot traffic. An attacker can exploit this issue to crash the affected service, effectively denying service to legitimate users. ISS is an internationally renowned security vendor that provides a variety of firewalls and intrusion detection devices. An attacker only needs to send a single packet to trigger this vulnerability without actually establishing an SMB session.

Hardcore Disassembler / Reverse Engineer Wanted!

Want to work with IDA and BinDiff? Want to write PoC's and Exploits?

Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package.

Successful exploitation causes the application or system to stop responding.

SOLUTION: Update to a fixed version (see vendor advisory for details).

ORIGINAL ADVISORY: ISS: http://xforce.iss.net/xforce/alerts/id/230 https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630

NSFocus: http://www.nsfocus.com/english/homepage/research/0607.htm

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. NSFOCUS Security Advisory (SA2006-07)

ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability

Release Date: 2006-07-27

CVE ID: CVE-2006-3840

http://www.nsfocus.com/english/homepage/research/0607.htm

Affected systems & software

RealSecure Network Sensor 7.0 Proventia A Series Proventia G Series Proventia M Series RealSecure Server Sensor 7.0 Proventia Server RealSecure Desktop 7.0 Proventia Desktop BlackICE PC Protection 3.6 BlackICE Server Protection 3.6

Unaffected systems & software

Summary

NSFocus Security Team discovered a remote DoS vulnerability in ISS RealSecure/ BlackICE products lines' detection of MailSlot Heap Overflow (MS06-035). By sending a specific SMB MailSlot packet it's possible to cause DoS in ISS protection products.

Description

There is a DoS vulnerability in ISS protection products' detection of SMB_MailSlot_Heap_Overflow (MS06-035/KB917159). By sending a specific SMB MailSlot packet it's possible to cause an infinite loop to occur in the detection code, and the ISS product or even the operating system will stop to respond. For example, for BlackICE the vulnerability might cause the inerruption of the network traffic, and an approximately 100% CPU utilization. STOP BlackICE engine will not restore normal operation. Instead OS restart is required.

This vulnerability can be triggered by a single packet. The establishment of a real SMB session is not required.

Workaround

Block ports TCP/445 and TCP/139 at the firewall.

Vendor Status

2006.07.24 Informed the vendor 2006.07.25 Vendor confirmed the vulnerability 2006.07.26 ISS has released a security alert and related patches.

For more details about the security alert, please refer to: http://xforce.iss.net/xforce/alerts/id/230

ISS has released the following XPUs to fix this vulnerability:

RealSecure Network 7.0, XPU 24.40 Proventia A Series, XPU 24.40 Proventia G Series, XPU 24.40/1.79 Proventia M Series, XPU 1.79 RealSecure Server Sensor 7.0, XPU 24.40 Proventia Server 1.0.914.1880 RealSecure Desktop 7.0 epk Proventia Desktop 8.0.812.1790/8.0.675.1790 BlackICE PC Protection 3.6 cpk BlackICE Server Protection 3.6 cpk

Additional Information

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-3840 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. Candidates may change significantly before they become official CVE entries.

Acknowledgment

Chen Qing of NSFocus Security Team found the vulnerability.

DISCLAIMS

THE INFORMATION PROVIDED IS RELEASED BY NSFOCUS "AS IS" WITHOUT WARRANTY OF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED, EXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL NSFOCUS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF NSFOCUS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. DISTRIBUTION OR REPRODUCTION OF THE INFORMATION IS PROVIDED THAT THE ADVISORY IS NOT MODIFIED IN ANY WAY.

NSFOCUS Security Team security@nsfocus.com NSFOCUS INFORMATION TECHNOLOGY CO.,LTD (http://www.nsfocus.com)

PGP Key: http://www.nsfocus.com/homepage/research/pgpkey.asc Key fingerprint = F8F2 F5D1 EF74 E08C 02FE 1B90 D7BF 7877 C6A6 F6DA

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200607-0397",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "blackice pc protection",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "3.6cpk"
      },
      {
        "model": "realsecure desktop",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "7.0epk"
      },
      {
        "model": "proventia desktop",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "8.0.675.1790"
      },
      {
        "model": "blackice server protection",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "3.6cpk"
      },
      {
        "model": "realsecure network",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "7.0"
      },
      {
        "model": "proventia desktop",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "8.0.812.1790"
      },
      {
        "model": "realsecure server sensor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "iss",
        "version": "7.0"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iss",
        "version": "*"
      },
      {
        "model": "proventia m series xpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iss",
        "version": "*"
      },
      {
        "model": "proventia server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iss",
        "version": "1.0.914.1880"
      },
      {
        "model": "proventia a series xpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "iss",
        "version": "*"
      },
      {
        "model": "blackice pc protection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "3.6 cpk"
      },
      {
        "model": "blackice server protection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "3.6 cpk"
      },
      {
        "model": "proventia a series",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "xpu 24.40"
      },
      {
        "model": "proventia desktop",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "8.0.812.1790"
      },
      {
        "model": "proventia g series",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "xpu 24.40/1.79"
      },
      {
        "model": "proventia m series",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "xpu 1.79"
      },
      {
        "model": "proventia server",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "for linux xpu 1.79"
      },
      {
        "model": "realsecure desktop",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "7.0 epk"
      },
      {
        "model": "realsecure network sensor",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "7.0 xpu 24.40"
      },
      {
        "model": "realsecure server sensor",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "the internet security",
        "version": "7.0 xpu 24.40"
      },
      {
        "model": "proventia g series xpu",
        "scope": null,
        "trust": 0.6,
        "vendor": "iss",
        "version": null
      },
      {
        "model": "proventia a series xpu",
        "scope": null,
        "trust": 0.6,
        "vendor": "iss",
        "version": null
      },
      {
        "model": "proventia m series xpu",
        "scope": null,
        "trust": 0.6,
        "vendor": "iss",
        "version": null
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.9"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.8"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.7"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.6"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.5"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.4"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.3"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.2"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.12"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.11"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.10"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.1"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.020.19"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.020.18"
      },
      {
        "model": "security systems realsecure server sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.020.16"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.4"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.9"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.8"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.7"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.6"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.022.10"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.020.12"
      },
      {
        "model": "security systems realsecure network sensor xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.020.11"
      },
      {
        "model": "security systems realsecure network sensor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebj",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebg",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop ebf",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems realsecure desktop eba",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "7.0"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.9"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.8"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.7"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.6"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.5"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.4"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.3"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.2"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.10"
      },
      {
        "model": "security systems proventia m series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "1.1"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.9"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.10"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "20.15"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "20.14"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "20.13"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "20.12"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "20.11"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.8"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.7"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.6"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.5"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.4"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.3"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.2"
      },
      {
        "model": "security systems proventia a series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "22.1"
      },
      {
        "model": "security systems blackice server protection coq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection con",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection com",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection col",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cok",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coj",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cog",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cof",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cod",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cob",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection coa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection ccg",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection ccf",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cce",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection ccd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection ccc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection ccb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cca",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cbz",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection cbr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice server protection .cno",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection cch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection ccg",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection ccf",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection cce",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection ccd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection ccc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection ccb",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection cca",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection cbz",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection cbr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection cbd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection .cno",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "security systems blackice pc protection .cbz",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "internet",
        "version": "3.6"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.9"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.8"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.7"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.6"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.5"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.4"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.3"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.2"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.12"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.11"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.10"
      },
      {
        "model": "proventia g series xpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "22.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "19178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:realsecure_network:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_server:1.0.914.1880:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Nsfocus Security team  security@nsfocus.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-3840",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2006-3840",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-19948",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-3840",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200607-462",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-19948",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. ISS The product includes 2006 Year 7 Monthly release XPU include \"SMB_MailSlot_Heap_Overflow\" Defect in decoding, certain legitimate SMB Mailslot When analyzing traffic, Protocol Analysis Module (PAM) Engine stops responding to subsequent traffic and disrupts service operation (DoS) There is a vulnerability that becomes a condition.ISS Protection product interferes with service operation (DoS) It may be in a state. The Internet Security Systems implementation of SMB/TCP Mailslot is prone to a denial-of-service vulnerability. This issue is due to a design error when dealing with certain legitimate SMB Mailslot traffic. \nAn attacker can exploit this issue to crash the affected service, effectively denying service to legitimate users. ISS is an internationally renowned security vendor that provides a variety of firewalls and intrusion detection devices. An attacker only needs to send a single packet to trigger this vulnerability without actually establishing an SMB session. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer Wanted!\n\nWant to work with IDA and BinDiff?\nWant to write PoC\u0027s and Exploits?\n\nYour nationality is not important. \nWe will get you a work permit, find an apartment, and offer a\nrelocation compensation package. \n\nSuccessful exploitation causes the application or system to stop\nresponding. \n\nSOLUTION:\nUpdate to a fixed version (see vendor advisory for details). \n\nORIGINAL ADVISORY:\nISS:\nhttp://xforce.iss.net/xforce/alerts/id/230\nhttps://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630\n\nNSFocus:\nhttp://www.nsfocus.com/english/homepage/research/0607.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. NSFOCUS Security Advisory (SA2006-07)\n\nISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability\n\nRelease Date: 2006-07-27\n\nCVE ID: CVE-2006-3840\n\nhttp://www.nsfocus.com/english/homepage/research/0607.htm\n\nAffected systems \u0026 software\n===================\n\nRealSecure Network Sensor 7.0\nProventia A Series\nProventia G Series\nProventia M Series\nRealSecure Server Sensor 7.0\nProventia Server\nRealSecure Desktop 7.0\nProventia Desktop\nBlackICE PC Protection 3.6\nBlackICE Server Protection 3.6\n\nUnaffected systems \u0026 software\n===================\n\n\nSummary\n=========\n\nNSFocus Security Team discovered a remote DoS vulnerability in ISS RealSecure/\nBlackICE products lines\u0027 detection of MailSlot Heap Overflow (MS06-035). By\nsending a specific SMB MailSlot packet it\u0027s possible to cause DoS in ISS\nprotection products. \n\nDescription\n============\n\nThere is a DoS vulnerability in ISS protection products\u0027 detection of SMB_MailSlot_Heap_Overflow\n(MS06-035/KB917159). By sending a specific SMB MailSlot packet it\u0027s possible\nto cause an infinite loop to occur in the detection code, and the ISS product \nor even the operating system will stop to respond. For example, for BlackICE \nthe vulnerability might cause the inerruption of the network traffic, \nand an approximately 100% CPU utilization. STOP BlackICE engine will not restore\nnormal operation. Instead OS restart is required. \n\nThis vulnerability can be triggered by a single packet. The establishment of \na real SMB session is not required.  \n\nWorkaround\n=============\n\nBlock ports TCP/445 and TCP/139 at the firewall. \n    \nVendor Status\n==============\n\n2006.07.24  Informed the vendor\n2006.07.25  Vendor confirmed the vulnerability\n2006.07.26  ISS has released a security alert and related patches. \n            \nFor more details about the security alert, please refer to:\nhttp://xforce.iss.net/xforce/alerts/id/230\n\nISS has released the following XPUs to fix this vulnerability:\n\nRealSecure Network 7.0, XPU 24.40\nProventia A Series, XPU 24.40\nProventia G Series, XPU 24.40/1.79\nProventia M Series, XPU 1.79\nRealSecure Server Sensor 7.0, XPU 24.40\nProventia Server 1.0.914.1880\nRealSecure Desktop 7.0 epk\nProventia Desktop 8.0.812.1790/8.0.675.1790\nBlackICE PC Protection 3.6 cpk\nBlackICE Server Protection 3.6 cpk\n\nAdditional Information\n========================\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2006-3840 to this issue. This is a candidate for inclusion in the \nCVE list (http://cve.mitre.org), which standardizes names for security problems. \nCandidates may change significantly before they become official CVE entries. \n\nAcknowledgment\n===============\n\nChen Qing of NSFocus Security Team found the vulnerability. \n\nDISCLAIMS\n==========\nTHE INFORMATION PROVIDED IS RELEASED BY NSFOCUS \"AS IS\" WITHOUT WARRANTY\nOF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED,\nEXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL NSFOCUS\nBE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,\nINCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES,\nEVEN IF NSFOCUS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. \nDISTRIBUTION OR REPRODUCTION OF THE INFORMATION IS PROVIDED THAT THE\nADVISORY IS NOT MODIFIED IN ANY WAY. \n\nCopyright 1999-2006 NSFOCUS. All Rights Reserved. Terms of use. \n\n\nNSFOCUS Security Team \u003csecurity@nsfocus.com\u003e\nNSFOCUS INFORMATION TECHNOLOGY CO.,LTD\n(http://www.nsfocus.com)\n\nPGP Key: http://www.nsfocus.com/homepage/research/pgpkey.asc\nKey fingerprint = F8F2 F5D1 EF74 E08C 02FE 1B90 D7BF 7877 C6A6 F6DA\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "db": "BID",
        "id": "19178"
      },
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "db": "PACKETSTORM",
        "id": "48616"
      },
      {
        "db": "PACKETSTORM",
        "id": "48652"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-3840",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "19178",
        "trust": 2.8
      },
      {
        "db": "SECTRACK",
        "id": "1016591",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1016592",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1016590",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "21219",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-2996",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "27965",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462",
        "trust": 0.7
      },
      {
        "db": "ISS",
        "id": "20060726 PROTOCOL PARSING BUG IN SMB MAILSLOT PARSING IN ISS PRODUCTS",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060727 NSFOCUS SA2006-07 : ISS REALSECURE/BLACKICE MAILSLOT HEAP OVERFLOW DETECTION REMOTE DOS VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "48652",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-19948",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "48616",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "db": "BID",
        "id": "19178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "db": "PACKETSTORM",
        "id": "48616"
      },
      {
        "db": "PACKETSTORM",
        "id": "48652"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "id": "VAR-200607-0397",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:45:17.531000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "3630",
        "trust": 0.8,
        "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
      },
      {
        "title": "230",
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/alerts/id/230"
      },
      {
        "title": "smb_mailslot_230",
        "trust": 0.8,
        "url": "http://www.isskk.co.jp/support/techinfo/general/smb_mailslot_230.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://xforce.iss.net/xforce/alerts/id/230"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/19178"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1016590"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1016591"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1016592"
      },
      {
        "trust": 2.1,
        "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
      },
      {
        "trust": 1.9,
        "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/21219"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2006/2996"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/27965"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/2996"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3840"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-3840"
      },
      {
        "trust": 0.8,
        "url": "http://www.isskk.co.jp/support/techinfo/general/smb_mailslot_230.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/441278/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/441278"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/21219/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2356/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2348/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1702/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2160/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/465/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11161/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2349/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5689/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2363/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2347/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org),"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3840"
      },
      {
        "trust": 0.1,
        "url": "http://www.nsfocus.com/homepage/research/pgpkey.asc"
      },
      {
        "trust": 0.1,
        "url": "http://www.nsfocus.com)"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "db": "BID",
        "id": "19178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "db": "PACKETSTORM",
        "id": "48616"
      },
      {
        "db": "PACKETSTORM",
        "id": "48652"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "db": "BID",
        "id": "19178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "db": "PACKETSTORM",
        "id": "48616"
      },
      {
        "db": "PACKETSTORM",
        "id": "48652"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-07-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "date": "2006-07-26T00:00:00",
        "db": "BID",
        "id": "19178"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "date": "2006-07-28T01:04:26",
        "db": "PACKETSTORM",
        "id": "48616"
      },
      {
        "date": "2006-07-28T03:19:00",
        "db": "PACKETSTORM",
        "id": "48652"
      },
      {
        "date": "2006-07-27T11:04:00",
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "date": "2006-07-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19948"
      },
      {
        "date": "2006-07-28T23:22:00",
        "db": "BID",
        "id": "19178"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      },
      {
        "date": "2018-10-17T21:31:50.767000",
        "db": "NVD",
        "id": "CVE-2006-3840"
      },
      {
        "date": "2006-08-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "48652"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ISS Product  SMB Mailslot Service disruption in analysis  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000458"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-462"
      }
    ],
    "trust": 0.6
  }
}

GHSA-8QR2-G9HF-F52C

Vulnerability from github – Published: 2022-05-01 07:12 – Updated: 2022-05-01 07:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3840"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-27T11:04:00Z",
    "severity": "MODERATE"
  },
  "details": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.",
  "id": "GHSA-8qr2-g9hf-f52c",
  "modified": "2022-05-01T07:12:56Z",
  "published": "2022-05-01T07:12:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3840"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
    },
    {
      "type": "WEB",
      "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21219"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016590"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016591"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016592"
    },
    {
      "type": "WEB",
      "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19178"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2996"
    },
    {
      "type": "WEB",
      "url": "http://xforce.iss.net/xforce/alerts/id/230"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2006-3840

Vulnerability from fkie_nvd - Published: 2006-07-27 11:04 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/21219	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016590
cve@mitre.org	http://securitytracker.com/id?1016591
cve@mitre.org	http://securitytracker.com/id?1016592
cve@mitre.org	http://www.nsfocus.com/english/homepage/research/0607.htm
cve@mitre.org	http://www.securityfocus.com/archive/1/441278/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/19178
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2996	Vendor Advisory
cve@mitre.org	http://xforce.iss.net/xforce/alerts/id/230	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27965
cve@mitre.org	https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21219	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016590
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016591
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016592
af854a3a-2127-422b-91ae-364da2661108	http://www.nsfocus.com/english/homepage/research/0607.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/441278/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19178
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2996	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://xforce.iss.net/xforce/alerts/id/230	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27965
af854a3a-2127-422b-91ae-364da2661108	https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630

Impacted products

Vendor	Product	Version
iss	blackice_pc_protection	3.6cpk
iss	blackice_server_protection	3.6cpk
iss	proventia_desktop	8.0.675.1790
iss	proventia_desktop	8.0.812.1790
iss	realsecure_desktop	7.0epk
iss	realsecure_network	7.0
iss	realsecure_server_sensor	7.0
iss	proventia_a_series_xpu	*
iss	proventia_g_series_xpu	*
iss	proventia_m_series_xpu	*
iss	proventia_server	1.0.914.1880

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:*:*:*:*:*:*:*",
              "matchCriteriaId": "643BC973-847D-43EB-A1BE-356C36F61123",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*",
              "matchCriteriaId": "22CCE20A-E955-4630-9D6A-FBEF9DE5595B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:*:*:*:*:*:*:*",
              "matchCriteriaId": "1538F0E9-E5B9-4D2D-B5FC-084DFB9A2899",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D878CE-7CB9-4A24-B836-4E14447F53B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3CEB52E-9D4F-456A-A0C9-38E9D5FB6770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_network:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8282F03-33D2-4545-9E36-3FC0EB6B291F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "216E89B1-4096-487C-AB3A-79FF2FAE523B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:iss:proventia_a_series_xpu:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDCF39B2-42A9-4B6E-B70B-0DA8D61E1ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_g_series_xpu:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA4C8341-4801-4751-88EB-1F5048C49778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_m_series_xpu:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4318C6-AF27-4099-AAE9-3DDC6DA202FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:iss:proventia_server:1.0.914.1880:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EDE7886-53E6-4E97-A6ED-F97CF31714C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
    },
    {
      "lang": "es",
      "value": "La funcionalidad SMB Mailslot en PAM en m\u00faltiples productos ISS con XPU (24.39/1.78/epj/x.x.x.1780), incluyendo Proventia A, G, M, Server, y Desktop, BlackICE PC y Server Protection 3.6, y RealSecure 7.0,permiten a atacantes remotos provocar denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de paquetes SMB manipulados que no son manejados adecuadamente por el decodificador SMB_Mailslot_Heap_Overflow."
    }
  ],
  "id": "CVE-2006-3840",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-27T11:04:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21219"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016590"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016591"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016592"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19178"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2996"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/230"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016592"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2006-AVI-314

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été identifiée dans les produits ISS RealSecure/BlackICE. Une personne malveillante peut envoyer un paquet spécialement conçu utilisant cette dernière afin de créer un déni de service sur le système vulnérable.

Description

Une vulnérabilité a été identifiée dans les outils de sécurité d'ISS RealSecure/BlackICE. Ils analysent le protocole SMB/TCP afin de détecter des codes malveillants visant la vulnérabilité SMB Mailhost décrite dans l'avis Microsoft MS06-035. Cependant, la phase d'analyse n'est pas correctement effectuée, et du trafic pouvant être légitime cause une erreur dans le système affecté, ou provoque une perte de connexion nécessitant un redémarrage. Une personne malveillante peut également envoyer des paquets similaires afin de créer un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs, prénommés XPU (XPU 24.40) par ISS (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	ISS Proventia Desktop ;
N/A	N/A	ISS RealSecure Network Sensor 7.0 ;
N/A	N/A	ISS RealSecure Desktop;
N/A	N/A	ISS Proventia G Series ;
N/A	N/A	ISS Proventia A Series ;
N/A	N/A	ISS Proventia Server ;
N/A	N/A	ISS RealSecure Server Sensor 7.0.
N/A	N/A	ISS Proventia M Series ;
N/A	N/A	ISS BlackICE Server Protection 3.6 ;
N/A	N/A	ISS BlackICE PC Protection 3.6 ;

References

Title

Publication Time

Tags

Alerte de sécurité de ISS (Internet Security Systems) du 26 juillet 2006	None	vendor-advisory
Bulletin de sécurité Microsoft MS06-035 du 11 juillet 2006 :	-	other
Site de mise à jour d'ISS :	-	other
Avis du CERTA CERTA-2006-AVI-283 correspondant au bulletin Microsoft MS06-035 :	-	other
Alerte de sécurité de ISS (Internet Security Systems) du 26 juillet 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "ISS Proventia Desktop ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS RealSecure Network Sensor 7.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS RealSecure Desktop;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia G Series ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia A Series ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia Server ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS RealSecure Server Sensor 7.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia M Series ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS BlackICE Server Protection 3.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS BlackICE PC Protection 3.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans les outils de s\u00e9curit\u00e9 d\u0027ISS\nRealSecure/BlackICE. Ils analysent le protocole SMB/TCP afin de d\u00e9tecter\ndes codes malveillants visant la vuln\u00e9rabilit\u00e9 SMB Mailhost d\u00e9crite dans\nl\u0027avis Microsoft MS06-035. Cependant, la phase d\u0027analyse n\u0027est pas\ncorrectement effectu\u00e9e, et du trafic pouvant \u00eatre l\u00e9gitime cause une\nerreur dans le syst\u00e8me affect\u00e9, ou provoque une perte de connexion\nn\u00e9cessitant un red\u00e9marrage. Une personne malveillante peut \u00e9galement\nenvoyer des paquets similaires afin de cr\u00e9er un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs, pr\u00e9nomm\u00e9s XPU (XPU 24.40) par ISS (cf. section\nDocumentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3840"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-035 du 11 juillet 2006    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS06-035.mspx"
    },
    {
      "title": "Site de mise \u00e0 jour d\u0027ISS :",
      "url": "http://www.iss.net/download"
    },
    {
      "title": "Avis du CERTA CERTA-2006-AVI-283 correspondant au bulletin    Microsoft MS06-035 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-283/"
    },
    {
      "title": "Alerte de s\u00e9curit\u00e9 de ISS (Internet Security Systems) du 26    juillet 2006 :",
      "url": "http://xforce.iss.net/xforce/alerts/id/230"
    }
  ],
  "reference": "CERTA-2006-AVI-314",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-07-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans les produits ISS\nRealSecure/BlackICE. Une personne malveillante peut envoyer un paquet\nsp\u00e9cialement con\u00e7u utilisant cette derni\u00e8re afin de cr\u00e9er un d\u00e9ni de\nservice sur le syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits ISS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Alerte de s\u00e9curit\u00e9 de ISS (Internet Security Systems) du 26 juillet 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-314

Vulnerability from certfr_avis - Published: - Updated:

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs, prénommés XPU (XPU 24.40) par ISS (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	ISS Proventia Desktop ;
N/A	N/A	ISS RealSecure Network Sensor 7.0 ;
N/A	N/A	ISS RealSecure Desktop;
N/A	N/A	ISS Proventia G Series ;
N/A	N/A	ISS Proventia A Series ;
N/A	N/A	ISS Proventia Server ;
N/A	N/A	ISS RealSecure Server Sensor 7.0.
N/A	N/A	ISS Proventia M Series ;
N/A	N/A	ISS BlackICE Server Protection 3.6 ;
N/A	N/A	ISS BlackICE PC Protection 3.6 ;

References

Title

Publication Time

Tags

Alerte de sécurité de ISS (Internet Security Systems) du 26 juillet 2006	None	vendor-advisory
Bulletin de sécurité Microsoft MS06-035 du 11 juillet 2006 :	-	other
Site de mise à jour d'ISS :	-	other
Avis du CERTA CERTA-2006-AVI-283 correspondant au bulletin Microsoft MS06-035 :	-	other
Alerte de sécurité de ISS (Internet Security Systems) du 26 juillet 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "ISS Proventia Desktop ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS RealSecure Network Sensor 7.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS RealSecure Desktop;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia G Series ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia A Series ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia Server ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS RealSecure Server Sensor 7.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS Proventia M Series ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS BlackICE Server Protection 3.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ISS BlackICE PC Protection 3.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans les outils de s\u00e9curit\u00e9 d\u0027ISS\nRealSecure/BlackICE. Ils analysent le protocole SMB/TCP afin de d\u00e9tecter\ndes codes malveillants visant la vuln\u00e9rabilit\u00e9 SMB Mailhost d\u00e9crite dans\nl\u0027avis Microsoft MS06-035. Cependant, la phase d\u0027analyse n\u0027est pas\ncorrectement effectu\u00e9e, et du trafic pouvant \u00eatre l\u00e9gitime cause une\nerreur dans le syst\u00e8me affect\u00e9, ou provoque une perte de connexion\nn\u00e9cessitant un red\u00e9marrage. Une personne malveillante peut \u00e9galement\nenvoyer des paquets similaires afin de cr\u00e9er un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs, pr\u00e9nomm\u00e9s XPU (XPU 24.40) par ISS (cf. section\nDocumentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3840"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-035 du 11 juillet 2006    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS06-035.mspx"
    },
    {
      "title": "Site de mise \u00e0 jour d\u0027ISS :",
      "url": "http://www.iss.net/download"
    },
    {
      "title": "Avis du CERTA CERTA-2006-AVI-283 correspondant au bulletin    Microsoft MS06-035 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-283/"
    },
    {
      "title": "Alerte de s\u00e9curit\u00e9 de ISS (Internet Security Systems) du 26    juillet 2006 :",
      "url": "http://xforce.iss.net/xforce/alerts/id/230"
    }
  ],
  "reference": "CERTA-2006-AVI-314",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-07-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans les produits ISS\nRealSecure/BlackICE. Une personne malveillante peut envoyer un paquet\nsp\u00e9cialement con\u00e7u utilisant cette derni\u00e8re afin de cr\u00e9er un d\u00e9ni de\nservice sur le syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits ISS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Alerte de s\u00e9curit\u00e9 de ISS (Internet Security Systems) du 26 juillet 2006",
      "url": null
    }
  ]
}

GSD-2006-3840

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-3840

Aliases

CVE-2006-3840

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3840",
    "description": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.",
    "id": "GSD-2006-3840"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3840"
      ],
      "details": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.",
      "id": "GSD-2006-3840",
      "modified": "2023-12-13T01:19:57.663211Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3840",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
            "refsource": "CONFIRM",
            "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
          },
          {
            "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
          },
          {
            "name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
            "refsource": "MISC",
            "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
          },
          {
            "name": "21219",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21219"
          },
          {
            "name": "ADV-2006-2996",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2996"
          },
          {
            "name": "1016592",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016592"
          },
          {
            "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
            "refsource": "ISS",
            "url": "http://xforce.iss.net/xforce/alerts/id/230"
          },
          {
            "name": "19178",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19178"
          },
          {
            "name": "1016590",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016590"
          },
          {
            "name": "pam-smb-mailslot-dos(27965)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
          },
          {
            "name": "1016591",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016591"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:realsecure_network:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_a_series_xpu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_g_series_xpu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_m_series_xpu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:iss:proventia_server:1.0.914.1880:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3840"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
            },
            {
              "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
              "refsource": "ISS",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/230"
            },
            {
              "name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
            },
            {
              "name": "19178",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19178"
            },
            {
              "name": "1016592",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016592"
            },
            {
              "name": "1016590",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016590"
            },
            {
              "name": "1016591",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016591"
            },
            {
              "name": "21219",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21219"
            },
            {
              "name": "ADV-2006-2996",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2996"
            },
            {
              "name": "pam-smb-mailslot-dos(27965)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
            },
            {
              "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:31Z",
      "publishedDate": "2006-07-27T11:04Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3840 (GCVE-0-2006-3840)

VAR-200607-0397

Affected systems & software

Unaffected systems & software

Summary

Description

Workaround

Vendor Status

Additional Information

Acknowledgment

DISCLAIMS

GHSA-8QR2-G9HF-F52C

FKIE_CVE-2006-3840

CERTA-2006-AVI-314

Description

Solution

CERTA-2006-AVI-314

Description

Solution

GSD-2006-3840

Tags

Sightings

Nomenclature