{"api_version":"1","generated_at":"2026-05-13T11:01:06+00:00","cve":"CVE-2004-0193","urls":{"html":"https://cve.report/CVE-2004-0193","api":"https://cve.report/api/cve/CVE-2004-0193.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-0193","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-0193"},"summary":{"title":"CVE-2004-0193","description":"Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-03-15 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://xforce.iss.net/xforce/alerts/id/165","name":"http://xforce.iss.net/xforce/alerts/id/165","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Internet Security Systems -","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.eeye.com/html/Research/Advisories/AD20040226.html","name":"http://www.eeye.com/html/Research/Advisories/AD20040226.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"eEye Digital Security - Vulnerability Management Solutions","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/9752","name":"http://www.securityfocus.com/bid/9752","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Internet Security Systems Protocol Analysis Module SMB Parsing Heap Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.osvdb.org/4072","name":"http://www.osvdb.org/4072","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.kb.cert.org/vuls/id/150326","name":"http://www.kb.cert.org/vuls/id/150326","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#150326","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.eeye.com/html/Research/Upcoming/20040213.html","name":"http://www.eeye.com/html/Research/Upcoming/20040213.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"eEye Digital Security - Vulnerability Management Solutions","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10988","name":"http://secunia.com/advisories/10988","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - ISS Multiple Products SMB Packet Handling Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=107789851117176&w=2","name":"http://marc.info/?l=bugtraq&m=107789851117176&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15207","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15207","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-0193","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-0193","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"blackice_agent_server","cpe6":"3.6eca","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"blackice_pc_protection","cpe6":"3.6cbd","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"blackice_server_protection","cpe6":"3.6cbz","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"iss","cpe5":"proventia_a_series_xpu","cpe6":"20.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"iss","cpe5":"proventia_g_series_xpu","cpe6":"22.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"iss","cpe5":"proventia_m_series_xpu","cpe6":"1.30","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_desktop","cpe6":"3.6eca","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_desktop","cpe6":"3.6ecf","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_desktop","cpe6":"7.0ebg","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_desktop","cpe6":"7.0epk","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_guard","cpe6":"3.6ecb","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_network","cpe6":"7.0","cpe7":"xpu_20.15","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_sentry","cpe6":"3.6ecf","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"193","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"iss","cpe5":"realsecure_server_sensor","cpe6":"7.0","cpe7":"xpu20.16","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T00:10:03.846Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"VU#150326","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/150326"},{"name":"20040226 Vulnerability in SMB Parsing in ISS Products","tags":["third-party-advisory","x_refsource_ISS","x_transferred"],"url":"http://xforce.iss.net/xforce/alerts/id/165"},{"name":"4072","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/4072"},{"name":"10988","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10988"},{"name":"20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=107789851117176&w=2"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.eeye.com/html/Research/Upcoming/20040213.html"},{"name":"pam-smb-protocol-bo(15207)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"},{"name":"AD20040226","tags":["third-party-advisory","x_refsource_EEYE","x_transferred"],"url":"http://www.eeye.com/html/Research/Advisories/AD20040226.html"},{"name":"9752","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/9752"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-02-27T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2004-03-18T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"VU#150326","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/150326"},{"name":"20040226 Vulnerability in SMB Parsing in ISS Products","tags":["third-party-advisory","x_refsource_ISS"],"url":"http://xforce.iss.net/xforce/alerts/id/165"},{"name":"4072","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/4072"},{"name":"10988","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10988"},{"name":"20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=107789851117176&w=2"},{"tags":["x_refsource_MISC"],"url":"http://www.eeye.com/html/Research/Upcoming/20040213.html"},{"name":"pam-smb-protocol-bo(15207)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"},{"name":"AD20040226","tags":["third-party-advisory","x_refsource_EEYE"],"url":"http://www.eeye.com/html/Research/Advisories/AD20040226.html"},{"name":"9752","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/9752"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-0193","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"VU#150326","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/150326"},{"name":"20040226 Vulnerability in SMB Parsing in ISS Products","refsource":"ISS","url":"http://xforce.iss.net/xforce/alerts/id/165"},{"name":"4072","refsource":"OSVDB","url":"http://www.osvdb.org/4072"},{"name":"10988","refsource":"SECUNIA","url":"http://secunia.com/advisories/10988"},{"name":"20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=107789851117176&w=2"},{"name":"http://www.eeye.com/html/Research/Upcoming/20040213.html","refsource":"MISC","url":"http://www.eeye.com/html/Research/Upcoming/20040213.html"},{"name":"pam-smb-protocol-bo(15207)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"},{"name":"AD20040226","refsource":"EEYE","url":"http://www.eeye.com/html/Research/Advisories/AD20040226.html"},{"name":"9752","refsource":"BID","url":"http://www.securityfocus.com/bid/9752"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-0193","datePublished":"2004-09-01T04:00:00.000Z","dateReserved":"2004-03-04T00:00:00.000Z","dateUpdated":"2024-08-08T00:10:03.846Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-03-15 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*","matchCriteriaId":"68D71B50-D280-4735-BFFE-2548C3117D70"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:*","matchCriteriaId":"D62AC2AC-E7ED-498B-805F-2300B9793C2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*","matchCriteriaId":"E33242A8-7BE6-4A69-A7CC-81BAFC2ADD50"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*","matchCriteriaId":"CF2247F3-0287-40DC-8CE8-3D0E15910056"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_desktop:3.6ecf:*:*:*:*:*:*:*","matchCriteriaId":"23AE96AD-84D6-4C76-9197-AFCDCC6EA705"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*","matchCriteriaId":"1F9233FA-D30A-4D0B-9605-CAA119C97CC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_desktop:7.0epk:*:*:*:*:*:*:*","matchCriteriaId":"F3CEB52E-9D4F-456A-A0C9-38E9D5FB6770"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_guard:3.6ecb:*:*:*:*:*:*:*","matchCriteriaId":"31FBC29D-CA61-44D8-A270-46A03A833B86"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_network:7.0:xpu_20.15:*:*:*:*:*:*","matchCriteriaId":"4D69F073-8619-42F0-BCF4-EB15F22D2855"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_sentry:3.6ecf:*:*:*:*:*:*:*","matchCriteriaId":"8983BE98-CC42-4B87-931B-31EF6B9AB840"},{"vulnerable":true,"criteria":"cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu20.16:*:*:*:*:*:*","matchCriteriaId":"A6E4DF0F-6EE2-4445-BAAA-F6762CB933F0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:iss:proventia_a_series_xpu:20.15:*:*:*:*:*:*:*","matchCriteriaId":"EC3D8ECB-C355-4AD4-8AE1-EE3621EBAB1F"},{"vulnerable":true,"criteria":"cpe:2.3:h:iss:proventia_g_series_xpu:22.3:*:*:*:*:*:*:*","matchCriteriaId":"0C3D5C60-1E1C-4831-895A-7C28D279FFF8"},{"vulnerable":true,"criteria":"cpe:2.3:h:iss:proventia_m_series_xpu:1.30:*:*:*:*:*:*:*","matchCriteriaId":"616323E5-C7EB-4101-9F10-1A33645FEDAB"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"193","Ordinal":"1","Title":"CVE-2004-0193","CVE":"CVE-2004-0193","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"193","Ordinal":"1","NoteData":"Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.","Type":"Description","Title":"CVE-2004-0193"},{"CveYear":"2004","CveId":"193","Ordinal":"2","NoteData":"2004-09-01","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"193","Ordinal":"3","NoteData":"2004-03-18","Type":"Other","Title":"Modified"}]}}}