Barnaby Jack

**Name of the Vulnerable Software and Affected Versions** D-Link DI-524 versions (affected versions not specified) D-Link DI-604 versions (affected versions not specified) D-Link DI-624 versions (affected versions not specified) D-Link DI-784 versions (affected versions not specified) D-Link WBR-1310 versions (affected versions not specified) D-Link WBR-2310 versions (affected versions not specified) D-Link EBR-2310 versions (affected versions not specified) **Description** The issue is a stack-based buffer overflow in the Universal Plug and Play (UPnP) service. It allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900. **Recommendations** For D-Link DI-524, consider disabling the UPnP service until a patch is available. For D-Link DI-604, restrict access to UDP port 1900 to minimize the risk of exploitation. For D-Link DI-624, avoid using the M-SEARCH request in the affected UPnP service until the issue is resolved. For D-Link DI-784, consider disabling the UPnP service until a patch is available. For D-Link WBR-1310, restrict access to UDP port 1900 to minimize the risk of exploitation. For D-Link WBR-2310, avoid using the M-SEARCH request in the affected UPnP service until the issue is resolved. For D-Link EBR-2310, consider disabling the UPnP service until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ISS Protocol Analysis Module (PAM) component versions (affected versions not specified) **Description** The issue is related to multiple stack-based buffer overflows in the ICQ parsing routines. This can be exploited by remote attackers to execute arbitrary code via a SRV MULTI response containing specific packets with long fields, such as `nickname`, `firstname`, `lastname`, or `email address`. The Witty worm is known to have exploited this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RealSecure Network versions 7.0 RealSecure Desktop versions 7.0 and 3.6 RealSecure Guard version 3.6 RealSecure Sentry version 3.6 Proventia A, G, and M Series (affected versions not specified) BlackICE PC Protection version 3.6 BlackICE Server Protection version 3.6 **Description** A heap-based buffer overflow issue exists in the ISS Protocol Analysis Module (PAM) used in certain products. This issue allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long `username`. **Recommendations** For RealSecure Network version 7.0, update to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module. For RealSecure Desktop versions 7.0 and 3.6, update to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module. For RealSecure Guard version 3.6, update to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module. For RealSecure Sentry version 3.6, update to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module. For Proventia A, G, and M Series, contact the vendor for guidance on updating to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module. For BlackICE PC Protection version 3.6, update to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module. For BlackICE Server Protection version 3.6, update to a version that includes a fix for the heap-based buffer overflow issue in the ISS Protocol Analysis Module.