Vulnerability in Black ICE Defender

From: Matt Taylor (quisit@quest.net)
Date: 02/04/02


Date: Sun, 3 Feb 2002 22:26:50 -0600
From: "Matt Taylor" <quisit@quest.net>
To: bugtraq@securityfocus.com

The current version of BlackICE Defender (2.9.caq and 2.9.cap) running on a
Windows 2000 machine can be remotely crashed using a very basic ping flood.
This has been tested with Divine Intervention 2 & 3, Sisoft Sandra Network
(LAN) benchmark.
Setting the packet size to about 10,000 bytes causes a Blue Screen of Death
(or immediate system reboot). After extensive correspondence with ISS
support they basically told me they'd "look into it." They have not
responded since 12/21/01 and their newest patch 2.9.caq (released after)
does not address this issue. More details available if requested.

Matt Taylor



Relevant Pages

  • BlackIce 2.9cap and XP BSODs
    ... Is anyone else experencing BSOD or issues with BlackIce Defender 2.9cap on ... When resuming the PC from Suspend to RAM the Firewall and ... When you do this Windows XP can BSOD with the ...
    (comp.security.firewalls)
  • Re: Vulnerability in Black ICE Defender
    ... I verified this vulnerability in BlackICE Defender 2.9.can as well. ... >Windows 2000 machine can be remotely crashed using a very basic ping flood. ... >(or immediate system reboot). ...
    (Bugtraq)