Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2006-3840 to a friend New vulnerability? New tool? Tell us	CVE-2006-3840 ISS RealSecure/BlackICE MailSlot Heap Overflow Detection DoS     Credit: The information has been provided by Chen Qing. The original article can be found at: http://www.nsfocus.com/english/homepage/research/0607.htm Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2006-3840 Details Check for CVE-2006-3840 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * RealSecure Network Sensor 7.0  * Proventia A Series  * Proventia G Series  * Proventia M Series  * RealSecure Server Sensor 7.0  * Proventia Server  * RealSecure Desktop 7.0  * Proventia Desktop  * BlackICE PC Protection 3.6  * BlackICE Server Protection 3.6 Immune Systems:  * RealSecure Network 7.0, XPU 24.40  * Proventia A Series, XPU 24.40  * Proventia G Series, XPU 24.40/1.79  * Proventia M Series, XPU 1.79  * RealSecure Server Sensor 7.0, XPU 24.40  * Proventia Server 1.0.914.1880  * RealSecure Desktop 7.0 epk  * Proventia Desktop 8.0.812.1790/8.0.675.1790  * BlackICE PC Protection 3.6 cpk  * BlackICE Server Protection 3.6 cpk There is a DoS vulnerability in ISS protection products' detection of SMB_MailSlot_Heap_Overflow (MS06-035/KB917159). By sending a specific SMB MailSlot packet it's possible to cause an infinite loop to occur in the detection code, and the ISS product or even the operating system will stop to respond. For example, for BlackICE the vulnerability might cause the interruption of the network traffic, and an approximately 100% CPU utilization. STOP BlackICE engine will not restore normal operation. Instead OS restart is required. This vulnerability can be triggered by a single packet. The establishment of a real SMB session is not required. Workaround: Block ports TCP/445 and TCP/139 at the firewall. Vendor Status: 2006.07.24 Informed the vendor 2006.07.25 Vendor confirmed the vulnerability 2006.07.26 ISS has released a security alert and related patches. For more details about the security alert, please refer to: http://xforce.iss.net/xforce/alerts/id/230 ISS has released the following XPUs to fix this vulnerability:  * RealSecure Network 7.0, XPU 24.40  * Proventia A Series, XPU 24.40  * Proventia G Series, XPU 24.40/1.79  * Proventia M Series, XPU 1.79  * RealSecure Server Sensor 7.0, XPU 24.40  * Proventia Server 1.0.914.1880  * RealSecure Desktop 7.0 epk  * Proventia Desktop 8.0.812.1790/8.0.675.1790  * BlackICE PC Protection 3.6 cpk  * BlackICE Server Protection 3.6 cpk CVE Information: CVE-2006-3840  Comments on CVE-2006-3840:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®