ISS BlackICE Multiple Remote Vulnerabilities

Critical Nessus Plugin ID 12114


The firewall running on the remote host has multiple buffer overflow vulnerabilities.


ISS BlackICE is a personal Firewall/IDS for windows Desktops. Several remote holes have been found in the product. An attacker, exploiting these flaws, would be able to either crash the remote firewall/IDS service or execute code on the target machine.

According to the remote version number, the remote host is vulnerable to at least one remote overflow.


Upgrade to the latest version of BlackICE.

See Also

Plugin Details

Severity: Critical

ID: 12114

File Name: blackice_version_checker.nasl

Version: $Revision: 1.29 $

Type: local

Agent: windows

Family: Windows

Published: 2004/03/19

Modified: 2016/05/04

Dependencies: 14270

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/BlackICE/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2004/02/26

Vulnerability Publication Date: 2000/06/20

Reference Information

CVE: CVE-2000-0562, CVE-2002-0237, CVE-2002-0956, CVE-2002-0957, CVE-2004-0193, CVE-2004-2125, CVE-2004-2126

BID: 1389, 4025, 4950, 9513, 9514, 9752

OSVDB: 2039, 3740, 4072, 4699, 4700, 4701, 4704, 8701