VAR-200205-0034
Vulnerability from variot - Updated: 2023-12-18 13:05Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. Internet Security Systems's BlackICE Defender, BlackICE Agent and RealSecure Server Sensor, are network intrusion detection systems which run in Microsoft Windows environments. A buffer overflow condition has been reported in these products which can be exploited by a remote user. Exploitation is achievable via a ping flood attack. Sending a series of large Echo Request (ping) packets to a target host will trigger the overflow. It is possible to execute arbitrary code with kernel-level privileges. Only Windows 2000 and XP hosts are affected by this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0034",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "blackice agent",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.0"
},
{
"model": "blackice defender",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "2.9cap"
},
{
"model": "blackice defender",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "2.9"
},
{
"model": "blackice defender",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "2.9caq"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "6.0.1"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "6.5"
},
{
"model": "blackice agent",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "3.1"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.5"
},
{
"model": "security systems realsecure server sensor win",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "6.0.1"
},
{
"model": "security systems blackice defender caq",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
},
{
"model": "security systems blackice defender cap",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
},
{
"model": "security systems blackice defender",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
},
{
"model": "security systems blackice agent",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.1"
},
{
"model": "security systems blackice agent",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.0"
},
{
"model": "security systems blackice defender car",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
}
],
"sources": [
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_agent:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_defender:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_defender:2.9cap:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:blackice_defender:2.9caq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0237"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Taylor\u203b quisit@quest.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0237",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4630",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0237",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-101",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4630",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. Internet Security Systems\u0027s BlackICE Defender, BlackICE Agent and RealSecure Server Sensor, are network intrusion detection systems which run in Microsoft Windows environments. \nA buffer overflow condition has been reported in these products which can be exploited by a remote user. Exploitation is achievable via a ping flood attack. \nSending a series of large Echo Request (ping) packets to a target host will trigger the overflow. \nIt is possible to execute arbitrary code with kernel-level privileges. Only Windows 2000 and XP hosts are affected by this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "VULHUB",
"id": "VHN-4630"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4025",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-0237",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020204 VULNERABILITY IN BLACK ICE DEFENDER",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020209 ALERT: ISS BLACKICE KERNEL OVERFLOW EXPLOITABLE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020206 BLACK ICE PING VULNERABILITY SIDE NOTE",
"trust": 0.6
},
{
"db": "ISS",
"id": "20020204 DOS AND POTENTIAL OVERFLOW VULNERABILITY IN BLACKICE PRODUCTS",
"trust": 0.6
},
{
"db": "NTBUGTRAQ",
"id": "20020209 ALERT: ISS BLACKICE KERNEL OVERFLOW EXPLOITABLE",
"trust": 0.6
},
{
"db": "XF",
"id": "8058",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4630",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"id": "VAR-200205-0034",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:05:36.078000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0237"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4025"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/alerts/advise109.php"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8058.php"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101286393404301\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101302424803268\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101321744807452\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=ntbugtraq\u0026m=101353165915171\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101321744807452\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=ntbugtraq\u0026m=101353165915171\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101302424803268\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101286393404301\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.networkice.com/products/blackice_defender.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4630"
},
{
"db": "BID",
"id": "4025"
},
{
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-29T00:00:00",
"db": "VULHUB",
"id": "VHN-4630"
},
{
"date": "2002-02-04T00:00:00",
"db": "BID",
"id": "4025"
},
{
"date": "2002-05-29T04:00:00",
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"date": "2002-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-4630"
},
{
"date": "2002-02-04T00:00:00",
"db": "BID",
"id": "4025"
},
{
"date": "2016-10-18T02:17:24.837000",
"db": "NVD",
"id": "CVE-2002-0237"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS BlackICE and RealSecure Remote denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "4025"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-101"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…