MidnightBSD

Advisories for iss

CVE-1999-1168 HIGH

install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss internet_security_scanner 5.3
CVE-2000-0562 HIGH

BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss blackice_defender *
iss blackice_agent *
CVE-2000-0692 MEDIUM

ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure 3.2.2
iss realsecure 3.2.1
CVE-2001-0669 HIGH

Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_network_sensor 6.x
iss realsecure_server_sensor 5.5
iss realsecure_server_sensor 6.0
iss realsecure_network_sensor 5.x
enterasys dragon 4.x
cisco catalyst_6000_intrusion_detection_system_module *
snort snort 1.8.1
cisco secure_intrusion_detection_system *
CVE-2002-0237 HIGH

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_server_sensor 6.5
iss blackice_agent 3.0
iss blackice_defender 2.9
iss blackice_defender 2.9cap
iss blackice_defender 2.9caq
iss blackice_agent 3.1
iss realsecure_server_sensor 6.0.1
CVE-2002-0480 HIGH

ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_nokia 6.0
CVE-2002-0956 HIGH

BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss blackice_agent 3.1eal
CVE-2002-0957 MEDIUM

The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss blackice_agent 3.1eal
iss blackice_agent 3.1ebh
CVE-2002-1122 HIGH

Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss internet_scanner 6.2.1
CVE-2002-1280 MEDIUM

Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_event_collector 6.5
CVE-2003-0702 MEDIUM

Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_server_sensor 7.0
CVE-2003-1527 MEDIUM

BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss blackice_server_protection 3.5.cdf
ibm internet_security_systems_blackice_defender 2.9cap
CVE-2004-0193 HIGH

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_server_sensor 7.0
iss realsecure_desktop 3.6ecf
iss realsecure_guard 3.6ecb
iss blackice_agent_server 3.6eca
iss realsecure_desktop 7.0epk
iss proventia_g_series_xpu 22.3
iss blackice_pc_protection 3.6cbd
iss realsecure_desktop 7.0ebg
iss realsecure_desktop 3.6eca
iss realsecure_sentry 3.6ecf
iss proventia_a_series_xpu 20.15
iss blackice_server_protection 3.6cbz
iss proventia_m_series_xpu 1.30
iss realsecure_network 7.0
CVE-2004-0362 HIGH

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_server_sensor 7.0
iss realsecure_desktop 3.6ecf
iss proventia_g_series_xpu 22.5
iss blackice_server_protection 3.6ccd
iss realsecure_sentry 3.6ecb
iss realsecure_server_sensor 6.5_win_sr3.7
iss blackice_server_protection 3.6ccf
iss realsecure_desktop 3.6ece
iss realsecure_network_sensor 7.0
iss proventia_m_series_xpu 1.1
iss blackice_agent_server 3.6ebz
iss proventia_g_series_xpu 22.7
iss proventia_m_series_xpu 1.8
iss proventia_m_series_xpu 1.9
iss realsecure_sentry 3.6ecc
iss realsecure_desktop 3.6eca
iss blackice_agent_server 3.6ecc
iss blackice_server_protection 3.6ccc
iss proventia_a_series_xpu 22.10
iss realsecure_desktop 7.0ebj
iss proventia_m_series_xpu 1.6
iss realsecure_server_sensor 6.0.1_win_sr1.1
iss realsecure_server_sensor 6.5_win_sr3.5
iss proventia_a_series_xpu 22.4
iss proventia_g_series_xpu 22.9
iss proventia_a_series_xpu 22.6
iss realsecure_server_sensor 6.5
iss realsecure_guard 3.6ebz
iss proventia_g_series_xpu 22.2
iss realsecure_desktop 7.0ebk
iss blackice_agent_server 3.6ecb
iss realsecure_server_sensor 6.5_win_sr3.6
iss proventia_a_series_xpu 22.7
iss realsecure_sentry 3.6ebz
iss blackice_agent_server 3.6ece
iss realsecure_guard 3.6ecd
iss proventia_m_series_xpu 1.5
iss blackice_pc_protection 3.6cca
iss realsecure_server_sensor 6.5_win_sr3.1
iss blackice_pc_protection 3.6ccb
iss realsecure_desktop 3.6ecd
iss proventia_a_series_xpu 22.8
iss proventia_a_series_xpu 22.5
iss proventia_a_series_xpu 22.9
iss blackice_server_protection 3.6ccb
iss realsecure_guard 3.6ecf
iss proventia_g_series_xpu 22.1
iss realsecure_server_sensor 6.5_win_sr3.10
iss blackice_pc_protection 3.6cbz
iss realsecure_desktop 7.0ebf
iss realsecure_guard 3.6ecc
iss proventia_m_series_xpu 1.3
iss realsecure_server_sensor 6.5_win_sr3.9
iss realsecure_sentry 3.6ecd
iss realsecure_sentry 3.6eca
iss realsecure_desktop 3.6ecb
iss proventia_m_series_xpu 1.7
iss proventia_g_series_xpu 22.3
iss realsecure_desktop 7.0ebl
iss proventia_a_series_xpu 22.2
iss realsecure_desktop 7.0eba
iss proventia_a_series_xpu 22.1
iss proventia_a_series_xpu 22.3
iss realsecure_server_sensor 6.5_win_sr3.4
iss blackice_pc_protection 3.6ccc
iss realsecure_desktop 3.6ebz
iss blackice_pc_protection 3.6cce
iss proventia_g_series_xpu 22.11
iss realsecure_server_sensor 6.0.1
iss realsecure_server_sensor 6.5_win_sr3.8
iss realsecure_guard 3.6ecb
iss proventia_g_series_xpu 22.4
iss blackice_agent_server 3.6eca
iss proventia_m_series_xpu 1.4
iss blackice_agent_server 3.6ecd
iss proventia_g_series_xpu 22.6
iss proventia_g_series_xpu 22.10
iss blackice_pc_protection 3.6ccd
iss blackice_pc_protection 3.6ccf
iss realsecure_desktop 7.0ebg
iss realsecure_guard 3.6eca
iss proventia_g_series_xpu 22.8
iss realsecure_sentry 3.6ece
iss proventia_m_series_xpu 1.2
iss blackice_server_protection 3.6cca
iss realsecure_server_sensor 6.0
iss realsecure_desktop 7.0ebh
iss realsecure_sentry 3.6ecf
iss blackice_server_protection 3.6cce
iss blackice_server_protection 3.6cbz
iss proventia_a_series_xpu 20.11
iss blackice_agent_server 3.6ecf
iss realsecure_guard 3.6ece
CVE-2004-1714 LOW

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-732,

Products Affected

Vendor Product Version
iss blackice_pc_protection 3.6cbz
iss blackice_server_protection 3.6cno
iss blackice_server_protection 3.6ccd
iss blackice_server_protection 3.6cch
iss blackice_pc_protection 3.6cbd
iss blackice_pc_protection 3.6cca
iss blackice_pc_protection 3.6ccd
iss blackice_server_protection 3.6ccf
iss blackice_pc_protection 3.6ccf
iss blackice_pc_protection 3.6ccg
iss blackice_pc_protection 3.6ccb
iss blackice_server_protection 3.5cdf
iss blackice_server_protection 3.6cca
iss blackice_server_protection 3.6ccg
iss blackice_pc_protection 3.6ccc
iss blackice_server_protection 3.6ccc
iss blackice_server_protection 3.6cce
iss blackice_pc_protection 3.6cce
iss blackice_server_protection 3.6ccb
iss blackice_server_protection 3.6cbz
iss blackice_pc_protection 3.6cbr
CVE-2004-2125 MEDIUM

Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss realsecure_desktop 3.6eca
iss blackice_agent_server 3.6eca
iss blackice_server_protection 3.6cbz
iss blackice_pc_protection 3.6cbd
iss realsecure_desktop 7.0ebg
CVE-2004-2126 MEDIUM

The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss blackice_pc_protection *
CVE-2005-2711 HIGH

ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
iss blackice_pc_protection 3.6
iss blackice_agent_server *
iss realsecure_desktop 7.0
iss blackice_server_protection *
iss realsecure_desktop 3.6
iss blackice_pc_protection 3.6cpu
CVE-2014-7725 MEDIUM

The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
iss rally_albania_live_2014 0.11