RE: DoS Vulnerability found in ISS BlackICE Defender

From: Jensenne Roculan (jroculan@securityfocus.com)
Date: 02/06/02


Date: Wed, 6 Feb 2002 12:32:47 -0700 (MST)
From: Jensenne Roculan <jroculan@securityfocus.com>
To: Fernando Martins <fernando.martins@esoterica.pt>

The official Internet Security Systems Security Alert can be found here:

http://www.iss.net/security_center/alerts/advise109.php

According to this advisory, RealSecure 6.0.1 and 6.5 are vulnerable as
well. Also, the fixes should be available as soon as testing has been
completed.

Cheers,

Jensenne Roculan
SecurityFocus - http://www.securityfocus.com
ARIS - http://aris.securityfocus.com
(403) 213-3939 ext. 229

On Tue, 5 Feb 2002, Fernando Martins wrote:

> For a temporary workaround until the fix is available, the vendor said:
>
> "Set the BlackICE Defender firewall to block ICMP. You must edit the
> firewall.ini file and add the following: Under the [MANUAL ICMP ACCEPT]
> section,
>
> REJECT, 8:0, ICMP, 2001-10-15 20:28:53, PERPETUAL, 4000, BIGUI
>
> Save the firewall.ini file."
>
> FM
>



Relevant Pages