CVE-2006-3840

Severity

50%

Complexity

99%

Confidentiality

48%

The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.

The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

Internet Security Systems

First reported 18 years ago

2006-07-27 11:04:00

Last updated 6 years ago

2018-10-17 21:31:00

Affected Software

Internet Security Systems BlackICE PC Protection 3.6cpk

3.6cpk

Internet Security Systems BlackICE Server Protection 3.6cpk

3.6cpk

Internet Security Systems Proventia Desktop 8.0.675.1790

8.0.675.1790

Internet Security Systems Proventia Desktop 8.0.812.1790

8.0.812.1790

Internet Security Systems RealSecure Desktop 7.0epk

7.0epk

Internet Security Systems RealSecure Network 7.0

7.0

Internet Security Systems RealSecure Server Sensor 7.0

7.0

Internet Security Systems Proventia A Series XPU

Internet Security Systems Proventia G Series XPU

Internet Security Systems Proventia M Series XPU

Internet Security Systems Proventia Server 1.0.914.1880

1.0.914.1880

References

21219

Vendor Advisory

1016590

1016591

1016592

http://www.nsfocus.com/english/homepage/research/0607.htm

20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability

19178

ADV-2006-2996

Vendor Advisory

20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products

Vendor Advisory

pam-smb-mailslot-dos(27965)

https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.