Internet Security Systems BlackICE and RealSecure Buffer Overflow Vulnerability

Internet Security Systems' BlackICE Defender, BlackICE Agent and RealSecure Server Sensor are network intrusion detection systems that run in Microsoft Windows environments.

A buffer overflow condition that can be exploited by a remote user has been reported in these products. The overflow is reachable through a ping flood: sending a series of large ICMP Echo Request (ping) packets to a target host will trigger it.

Exploitation makes it possible to execute arbitrary code with kernel-level privileges.


Copyright 2010, SecurityFocus