Info

Disclosure

Sep 01, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

BlackICE PC Protection contains a flaw that may allow a local denial of service. The issue is triggered by a call to NtOpenSection() with a NULL value in the third argument. The arguments are direct user input and the third argument is not validated by BlackICE. The result is a system crash from an error in RapDrv.sys.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Rumored

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Internet Security Systems	BlackICE PC Protection	3.6 cpn
		3.6 cpj
		3.6 cpiE
		3.6

References

Bugtraq ID: 19800
CVE ID: 2006-4541 (see also: NVD)
Secunia Advisory ID: 21710
SCIP VulDB ID: 2504
VUPEN Advisory: ADV-2006-3431
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0002.html
Other Advisory URL: http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php

Credit

David Matousek - davidmatousec.com - Matousec

Direct URL: http://osvdb.org/28332

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Internet Security Systems

BlackICE PC Protection

References

Credit