BlackICE 'SMB_MailSlot_Heap_Overflow Decode' Parsing Error Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1016590
|
|
SecurityTracker URL: http://securitytracker.com/id?1016590
|
|
CVE Reference: CVE-2006-3840
(Links to External Site)
|
Date: Jul 27 2006
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): prior to 3.6 cpk
|
Description: A vulnerability was reported in BlackICE. A remote user can cause denial of service conditions.
A vulnerability resides in the July XPUs in the virtual patch protection against the vulnerability described in Microsoft Security
Bulletin MS06-035. A remote user can send valid SMB Mailslot data to trigger a protocol parsing error and cause the target protocol
analysis module to stop responding.
ISS credits NSFOCUS Security Team with reporting this vulnerability.
|
Impact: A remote user can cause denial of service conditions.
|
Solution: The vendor has issued a fix (BlackICE PC Protection 3.6 cpk, BlackICE Server Protection 3.6 cpk).
The ISS advisory is available
at:
http://xforce.iss.net/xforce/alerts/id/230
Additional information is available at:
https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3
630
|
Vendor URL: xforce.iss.net/xforce/alerts/id/230 (Links to External Site)
|
Cause: Input validation error, State error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 27 Jul 2006 02:57:49 -0400
Subject: Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products
|
http://xforce.iss.net/xforce/alerts/id/230
CVE-2006-3840
The following products are affected:
RealSecure, Proventia, and BlackICE
|
|
