|
|
| CVE-ID | ||
|---|---|---|
CVE-2000-0562 |
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
|
|
| Description | ||
| BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. | ||
| References | ||
| Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. | ||
|
||
| Assigning CNA | ||
| MITRE Corporation | ||
| Date Record Created | ||
| 20000711 | Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE. | |
| Phase (Legacy) | ||
| Proposed (20000712) | ||
| Votes (Legacy) | ||
| ACCEPT(3) Armstrong, Cole, Levy MODIFY(2) Baker, Frech NOOP(1) Ozancin REVIEWING(1) Christey |
||
| Comments (Legacy) | ||
Levy> What do others think? Should this be a vuln? I can see the argument that some features are simply not available unless you use the maximum security settings. Christey> At the very least, this needs to be modified to state that this problem/concern applies to high ports in general, not just Back orifice. The Bugtraq poster claims that BlackICE "shuts down" the port, but only *after* some initial traffic "leaks" out. This may be by design, but it does mean that there is a small window of opportunity in which BlackICE may not work "as advertised," even at lower security settings. Christey> XF:blackice-security-level-nervous BID:1389 Frech> XF:blackice-security-level-nervous(4777) CHANGE> [Levy changed vote from REVIEWING to ACCEPT] CHANGE> [Christey changed vote from NOOP to REVIEWING] Baker> I accept it more as a security exposure, than a real vulnerability. It performs just as any other "firewall" or IDS product can be configured to allow traffic without notifying the user. You can adjust settings on any product that allow traffic that other people or organizations would find unacceptable. So, as long as it is reflected that this is more of a configuration that allows such traffic as opposed to a defective or improperly functioning software issue, I don't have a problem with it. |
||
| Proposed (Legacy) | ||
| 20000712 | ||
| This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities. | ||
|
You can also search by reference using the CVE Reference Maps.
|
||
| For More Information: CVE Request Web Form (select "Other" from dropdown) | ||