ISS BlackICE 本地拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110931 漏洞类型 输入验证
发布时间 2006-09-01 更新时间 2007-09-18
CVE编号 CVE-2006-4541 CNNVD-ID CNNVD-200609-018
漏洞平台 Windows CVSS评分 4.6
|漏洞来源
https://www.exploit-db.com/exploits/28469
https://www.securityfocus.com/bid/19800
https://cxsecurity.com/issue/WLB-2006090040
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200609-018
|漏洞详情
BlackICE是一款InternetSecuritySystems公司发布的桌面防火墙系统。BlackICE的rapdrv.sys驱动在处理NtOpenSection()API钩子的对象属性参数时存在漏洞,攻击者可以利用将第三方参数设置为NULL的NtOpenSection()API导致防火墙崩溃。
|漏洞EXP
source: http://www.securityfocus.com/bid/19800/info

Internet Security Systems (ISS) BlackICE PC Protection is prone to a local denial-of-service vulnerability because the application fails to properly sanitize user-supplied input.

This vulnerability allows local attackers to crash affected systems, facilitating a denial-of-service condition on the local computer. Remote code execution may also be possible if the vulnerability is exploited in privileged kernel mode.

Versions 3.6.cpn, 3.6.cpj, and 3.6.cpiE are vulnerable to this issue; other versions may also be affected.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/28469.zip
|受影响的产品
Internet Security Systems BlackICE PC Protection 3.6 cch Internet Security Systems BlackICE PC Protection 3.6 ccg Internet Security Systems BlackICE PC Protection 3.6 ccf Internet Security Systems BlackICE P
|参考资料

来源:BID
名称:19800
链接:http://www.securityfocus.com/bid/19800
来源:BUGTRAQ
名称:20070918Plaguein(security)softwaredrivers&BSDOhookutility
链接:http://www.securityfocus.com/archive/1/archive/1/479830/100/0/threaded
来源:BUGTRAQ
名称:20060901ISSBlackICEPCProtectionInsufficientvalidationofargumentsofNtOpenSectionVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/444958/100/0/threaded
来源:OSVDB
名称:28332
链接:http://www.osvdb.org/28332
来源:MISC
链接:http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
来源:MISC
链接:http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
来源:MISC
链接:http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php
来源:VUPEN
名称:ADV-2006-3431
链接:http://www.frsirt.com/english/advisories/2006/3431
来源:SREASON
名称:1512
链接:http://securityreason.com/securityalert/1512
来源:SECUNIA
名称:21710
链接:http://secunia.com/advisories/21710