Test ID:	12114
Category:	Windows
Title:	ISS BlackICE Vulnerable versions
Summary:	ISS BlackICE Vulnerable version detection
Description:	ISS BlackICE is a personal Firewall/IDS for windows Desktops. Several remote holes have been found in the product. An attacker, exploiting these flaws, would be able to either stop the remote firewall/IDS service or execute code on the target machine. According to the remote version number, the remote host is vulnerable to at least one remote overflows. Solution : Upgrade to the newest version of BlackICE Risk factor : High
Cross-Ref:	BugTraq ID: 1389 BugTraq ID: 4025 BugTraq ID: 4950 BugTraq ID: 9513 BugTraq ID: 9514 BugTraq ID: 9752 Common Vulnerability Exposure (CVE) ID: CVE-2002-0237 Bugtraq: 20020209 ALERT: ISS BlackICE Kernel Overflow Exploitable (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=101321744807452&w=2 Bugtraq: 20020204 Vulnerability in Black ICE Defender (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=101286393404301&w=2 http://marc.theaimsgroup.com/?l=ntbugtraq&m=101353165915171&w=2 Bugtraq: 20020206 Black ICE Ping Vulnerability Side Note (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=101302424803268&w=2 ISS Security Advisory: 20020204 DoS and Potential Overflow Vulnerability in BlackICE Products http://www.iss.net/security_center/alerts/advise109.php http://www.securityfocus.com/bid/4025 http://www.iss.net/security_center/static/8058.php Common Vulnerability Exposure (CVE) ID: CVE-2000-0562 Bugtraq: 20000620 BlackICE by Network ICE Corp vulnerability against Back Orifice 1.2 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-06/0190.html Common Vulnerability Exposure (CVE) ID: CVE-2002-0956 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0090.html Bugtraq: 20020606 KPMG-2002019: BlackICE Agent not Firewalling After Standby (Google Search) http://online.securityfocus.com/archive/1/275710 http://www.securityfocus.com/bid/4950 http://www.iss.net/security_center/static/9275.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0957 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0114.html http://www.iss.net/security_center/static/9405.php Common Vulnerability Exposure (CVE) ID: CVE-2004-0193 Bugtraq: 20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=107789851117176&w=2 eEye Security Advisory: AD20040226 http://www.eeye.com/html/Research/Advisories/AD20040226.html http://www.eeye.com/html/Research/Upcoming/20040213.html ISS Security Advisory: 20040226 Vulnerability in SMB Parsing in ISS Products http://xforce.iss.net/xforce/alerts/id/165 CERT/CC vulnerability note: VU#150326 http://www.kb.cert.org/vuls/id/150326 http://www.securityfocus.com/bid/9752 http://www.osvdb.org/4072 http://secunia.com/advisories/10988 XForce ISS Database: pam-smb-protocol-bo(15207) http://xforce.iss.net/xforce/xfdb/15207
Copyright	This script is Copyright (C) 2004 Tenable Network Security

This is only one of 24975 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: