Description: eEye Digital Security has discovered a vulnerability in multiple ISS products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the ISS Protocol Analysis Module (PAM) component when re-assembling an analysed SMB (Server Message Block) packet.
This can be exploited to cause a heap overflow by sending a specially crafted "SMB Session Setup AndX request" SMB packet containing an overly long value (about 300 bytes) in the "AccountName" field.
Successful exploitation may allow execution of arbitrary code with SYSTEM privileges.
The vulnerability reportedly affects the following products:
* Proventia A Series XPU 20.15 through 22.9
* Proventia G Series XPU 22.3 through 22.9
* Proventia M Series XPU 1.3 through 1.7
* BlackICE PC Protection 3.6 cbr through ccb
* BlackICE Server Protection 3.6 cbr through ccb
* RealSecure Network 7.0, XPU 20.15 through 22.9
* RealSecure Server Sensor 7.0 XPU 20.16 through 22.9
* RealSecure Desktop 7.0 eba through ebh
* RealSecure Desktop 3.6 ebr through ecb
* RealSecure Guard 3.6 ebr through ecb
* RealSecure Sentry 3.6 ebr through ecb
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
