ISS BlackICE Multiple Remote Vulnerabilities

critical Nessus Plugin ID 12114

Synopsis

The firewall running on the remote host has multiple buffer overflow vulnerabilities.

Description

ISS BlackICE is a personal Firewall/IDS for windows Desktops. Several remote holes have been found in the product. An attacker, exploiting these flaws, would be able to either crash the remote firewall/IDS service or execute code on the target machine.

According to the remote version number, the remote host is vulnerable to at least one remote overflow.

Solution

Upgrade to the latest version of BlackICE.

See Also

http://www.eeye.com/html/Research/Advisories/AD20040226.html

http://www.eeye.com/html/Research/Advisories/AD20040318.html

Plugin Details

Severity: Critical

ID: 12114

File Name: blackice_version_checker.nasl

Version: 1.30

Type: local

Agent: windows

Family: Windows

Published: 3/19/2004

Updated: 6/27/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/BlackICE/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 2/26/2004

Vulnerability Publication Date: 6/20/2000

Reference Information

CVE: CVE-2000-0562, CVE-2002-0237, CVE-2002-0956, CVE-2002-0957, CVE-2004-0193, CVE-2004-2125, CVE-2004-2126

BID: 1389, 4025, 4950, 9513, 9514, 9752