Reported March 18, 2004 by Internet Security Systems.

 

 

VERSIONS AFFECTED

 

  • RealSecure Network 7.0, XPU 22.11 and earlier

  • RealSecure Server Sensor 7.0 XPU 22.11 and earlier

  • RealSecure Server Sensor 6.5 for Windows SR 3.10 and earlier

  • Proventia A Series XPU 22.11 and earlier

  • Proventia G Series XPU 22.11 and earlier

  • Proventia M Series XPU 1.9 and earlier

  • RealSecure Desktop 7.0 ebl and earlier

  • RealSecure Desktop 3.6 ecf and earlier

  • RealSecure Guard 3.6 ecf and earlier

  • RealSecure Sentry 3.6 ecf and earlier

  • BlackICE Agent for Server 3.6 ecf and earlier

  • BlackICE PC Protection 3.6 ccf and earlier

  • BlackICE Server Protection 3.6 ccf and earlier

 

DESCRIPTION

 

A buffer-overflow vulnerability exists in Internet Security Systems' Protocol Analysis Module component for the above products. The vulnerability results from insufficient size checks on certain protocol fields in ICQ instant messaging (IM) protocol response data and could lead to remote compromise of the vulnerable system.

VENDOR RESPONSE

Internet Security Systems has released an advisory (http://xforce.iss.net/xforce/alerts/id/166) and recommends that affected customers apply the appropriate available patch (http://www.iss.net/download).

 

CREDIT

Discovered by eEye Digital Security.