Vulnerability in Black ICE Defender

From: Matt Taylor (quisitat_private)
Date: Sun Feb 03 2002 - 20:26:50 PST

Next message: Nicolas Gregoire: "Re : Lotus Domino password bypass"

Previous message: sq: "Netgear RT311/RT314"
Next in thread: advisories : "Re: Vulnerability in Black ICE Defender"
Reply: advisories : "Re: Vulnerability in Black ICE Defender"
Reply: Chris Paget: "RE: Vulnerability in Black ICE Defender"
Reply: Troy Billington: "Re: Vulnerability in Black ICE Defender"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The current version of BlackICE Defender (2.9.caq and 2.9.cap) running on a
Windows 2000 machine can be remotely crashed using a very basic ping flood.
This has been tested with Divine Intervention 2 & 3, Sisoft Sandra Network
(LAN) benchmark.
Setting the packet size to about 10,000 bytes causes a Blue Screen of Death
(or immediate system reboot). After extensive correspondence with ISS
support they basically told me they'd "look into it." They have not
responded since 12/21/01 and their newest patch 2.9.caq (released after)
does not address this issue. More details available if requested.

Matt Taylor

Next message: Nicolas Gregoire: "Re : Lotus Domino password bypass"
Previous message: sq: "Netgear RT311/RT314"
Next in thread: advisories : "Re: Vulnerability in Black ICE Defender"
Reply: advisories : "Re: Vulnerability in Black ICE Defender"
Reply: Chris Paget: "RE: Vulnerability in Black ICE Defender"
Reply: Troy Billington: "Re: Vulnerability in Black ICE Defender"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 15:09:11 PST