CVE-2002-0237

Severity

75%

Complexity

99%

Confidentiality

106%

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Internet Security Systems

First reported 22 years ago

2002-05-29 04:00:00

Last updated 8 years ago

2016-10-18 02:17:00

Affected Software

Internet Security Systems BlackICE Agent 3.0

3.0

Internet Security Systems BlackICE Agent 3.1

3.1

Internet Security Systems BlackICE Defender 2.9

2.9

Internet Security Systems BlackICE Defender 2.9cap

2.9cap

Internet Security Systems RealSecure Server Sensor 6.0.1

6.0.1

Internet Security Systems RealSecure Server Sensor 6.5

6.5

References

20020204 Vulnerability in Black ICE Defender

20020206 Black ICE Ping Vulnerability Side Note

20020209 ALERT: ISS BlackICE Kernel Overflow Exploitable

20020209 ALERT: ISS BlackICE Kernel Overflow Exploitable

20020204 DoS and Potential Overflow Vulnerability in BlackICE Products

Patch, Vendor Advisory

blackice-ping-flood-dos(8058)

Patch, Vendor Advisory

4025

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.