RealSecure/BlackICE MailSlot Overflow Detection Denial of Service
Author: Dave Lewis
Having my head firmly between my buttocks last week I managed to forget to post this one. It’s not that major but, I thought that I would make mention of this problem as there is a fairly extensive install base.
Description:
NSFocus Security Team has reported a vulnerability in various RealSecure/BlackICE products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the detection of the MailSlot buffer overflow vulnerability (MS06-035) and can be exploited to cause an infinite loop by sending a specially crafted SMB MailSlot packet.
Successful exploitation causes the application or system to stop responding.
There is an updated XPU for this one 24.40 is the rev I believe.
Tags: ISS Realsecure, BlackIce, Vulnerability
