Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 338390

Summary: test, please ignore (CVE-2004-0362)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal CC: a3li
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A4 [stable] wait
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2010-09-22 22:04:24 UTC 
CVE-2004-0362 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0362):
  Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS
  Protocol Analysis Module (PAM) component, as used in various RealSecure,
  Proventia, and BlackICE products, allow remote attackers to execute
  arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE
  response packet and a SRV_META_USER response packet with long (1) nickname,
  (2) firstname, (3) lastname, or (4) email address fields, as exploited by
  the Witty worm.



Testing, please ignore this bug. Sorry if it caused you any bugspam.