[security-alerts] FW: [SA21219] RealSecure/BlackICE MailSlot Overflow Detection Denial of Service

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> 
> TITLE:
> RealSecure/BlackICE MailSlot Overflow Detection Denial of Service
> 
> SECUNIA ADVISORY ID:
> SA21219
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/21219/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> From local network
> 
> OPERATING SYSTEM:
> ISS Proventia A Series
> http://secunia.com/product/2349/
> ISS Proventia G Series
> http://secunia.com/product/2348/
> ISS Proventia M Series
> http://secunia.com/product/2347/
> 
> SOFTWARE:
> BlackICE PC Protection 3.x
> http://secunia.com/product/1702/
> BlackICE Server Protection 3.x
> http://secunia.com/product/465/
> ISS Proventia Desktop System 8.x
> http://secunia.com/product/5689/
> Proventia Server 1.x
> http://secunia.com/product/11161/
> RealSecure Desktop Protector 7.x
> http://secunia.com/product/2363/
> RealSecure Network 7.x
> http://secunia.com/product/2356/
> RealSecure Server Sensor 7.x
> http://secunia.com/product/2160/
> 
> DESCRIPTION:
> NSFocus Security Team has reported a vulnerability in various
> RealSecure/BlackICE products, which can be exploited by malicious
> people to cause a DoS (Denial of Service).
> 
> The vulnerability is caused due to an error in the detection of the
> MailSlot buffer overflow vulnerability (MS06-035) and can be
> exploited to cause an infinite loop by sending a specially crafted
> SMB MailSlot packet.
> 
> Successful exploitation causes the application or system to stop
> responding.
> 
> SOLUTION:
> Update to a fixed version (see vendor advisory for details).
> 
> PROVIDED AND/OR DISCOVERED BY:
> Chen Qing, NSFocus Security Team.
> 
> ORIGINAL ADVISORY:
> ISS:
> http://xforce.iss.net/xforce/alerts/id/230
> https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.p
hp?p_faqid=3630
> 
> NSFocus:
> http://www.nsfocus.com/english/homepage/research/0607.htm
>