Thread: Heads UP!! 50,000 PC's destroyed by Witty Worm today!
View Single Post
Old 03-29-2004, 05:06 AM  
Va2k
I’m still alive barley.
 
Va2k's Avatar
 
Industry Role:
Join Date: Oct 2001
Location: Va
Posts: 10,060
Alerts
Internet Security Systems Security Alert
March 18, 2004

Vulnerability in ICQ Parsing in ISS Products

Synopsis:

A vulnerability was discovered in the ICQ instant messaging protocol
parsing routines of the ISS Protocol Analysis Module (PAM) component.
The PAM module is a shared component of all current ISS host, server,
and network protection software and devices. The flaw relates to
incorrect parsing of the ICQ protocol which may lead to a buffer
overflow condition.

Affected Versions:

The Protocol Analysis Module (PAM) facilitates the parsing of network
protocols in order to perform further analysis and attack detection.
ICQ is a popular instant messaging application developed by ICQ Inc.,
a subsidiary of America Online. In order to detect attacks targeting
instant messaging software, PAM parses several IM protocols including
ICQ.

http://xforce.iss.net/xforce/alerts/id/166
__________________
Va2k is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote