Vulnerability in Black ICE Defender
From: Matt Taylor (quisit@quest.net)Date: 02/04/02
- Previous message: sq: "Netgear RT311/RT314"
- Next in thread: advisories : "Re: Vulnerability in Black ICE Defender"
- Reply: advisories : "Re: Vulnerability in Black ICE Defender"
- Reply: Chris Paget: "RE: Vulnerability in Black ICE Defender"
- Reply: Troy Billington: "Re: Vulnerability in Black ICE Defender"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 3 Feb 2002 22:26:50 -0600 From: "Matt Taylor" <quisit@quest.net> To: bugtraq@securityfocus.com
The current version of BlackICE Defender (2.9.caq and 2.9.cap) running on a
Windows 2000 machine can be remotely crashed using a very basic ping flood.
This has been tested with Divine Intervention 2 & 3, Sisoft Sandra Network
(LAN) benchmark.
Setting the packet size to about 10,000 bytes causes a Blue Screen of Death
(or immediate system reboot). After extensive correspondence with ISS
support they basically told me they'd "look into it." They have not
responded since 12/21/01 and their newest patch 2.9.caq (released after)
does not address this issue. More details available if requested.
Matt Taylor
- Previous message: sq: "Netgear RT311/RT314"
- Next in thread: advisories : "Re: Vulnerability in Black ICE Defender"
- Reply: advisories : "Re: Vulnerability in Black ICE Defender"
- Reply: Chris Paget: "RE: Vulnerability in Black ICE Defender"
- Reply: Troy Billington: "Re: Vulnerability in Black ICE Defender"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
