Vulnerability Report

CVE-2004-0362

RCE

Title: ISS Protocol Analysis Module multiple stack-based buffer overflows RCE

RCE, Buffer Overflow

Proof Of Concept

PoC Available for CVE-2004-0362

CWE Category NVD-CWE-noinfo

Published Date Apr 15, 2004

Modified Date Apr 03, 2025

Exploit Status Available

Score 7.5 CVSS v2.0

Exploit Probability (EPSS)

83.40%

Vulnerability Summary

CVE-2004-0362: Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Impacted Vendors

iss 11

Reference Links

http://marc.info/?l=bugtraq&m=107965651712378&w=2 http://secunia.com/advisories/11073 http://www.ciac.org/ciac/bulletins/o-104.shtml http://www.eeye.com/html/Research/Advisories/AD20040318.html http://www.kb.cert.org/vuls/id/947254 http://www.osvdb.org/4355 http://www.securityfocus.com/bid/9913 http://xforce.iss.net/xforce/alerts/id/166 https://exchange.xforce.ibmcloud.com/vulnerabilities/15442 https://exchange.xforce.ibmcloud.com/vulnerabilities/15543 http://marc.info/?l=bugtraq&m=107965651712378&w=2 http://secunia.com/advisories/11073 http://www.ciac.org/ciac/bulletins/o-104.shtml http://www.eeye.com/html/Research/Advisories/AD20040318.html http://www.kb.cert.org/vuls/id/947254 http://www.osvdb.org/4355 http://www.securityfocus.com/bid/9913 http://xforce.iss.net/xforce/alerts/id/166 https://exchange.xforce.ibmcloud.com/vulnerabilities/15442 https://exchange.xforce.ibmcloud.com/vulnerabilities/15543

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.5

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2004-0362 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/16464

View Code

Exploit-DB https://www.exploit-db.com/exploits/168

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

April 15, 2004 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.