ISS BlackICE / RealSecure Large ICMP Ping Packet Overflow DoS

High Nessus Plugin ID 10927


The application running on the remote host has a remote buffer overflow vulnerability.


The remote host appears to be running either BlackICE or RealSecure Server Sensor.

This application has a remote buffer overflow vulnerability. It was possible to crash the application by flooding it with 10 KB ping packets.

A remote attacker could exploit this to cause a denial of service, or potentially execute arbitrary code.


Apply the appropriate patch referenced in the ISS advisory.

See Also

Plugin Details

Severity: High

ID: 10927

File Name: blackice_dos.nasl

Version: $Revision: 1.30 $

Type: remote

Family: Firewalls

Published: 2002/03/29

Modified: 2016/11/15

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: Settings/ThoroughTests, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2002/02/04

Reference Information

CVE: CVE-2002-0237

BID: 4025

OSVDB: 2039