BlackICE ICQ ISS-PAM1 Exploit v1.6 Vulnerability exploited: CAN-2004-0362 - BID-9913 Category: Exploits/Remote This module exploits a buffer overflow and installs a level0 agent into the target host. A routine within the Protocol Analysis Module component that monitors ICQ server responses (used in all current ISS host, server, and network device solutions), contains a series of stack based buffer overflow vulnerabilities. Supported Systems: Windows 2000 Professional - sp0 (i386) Windows 2000 Professional - sp1 (i386) Windows 2000 Professional - sp2 (i386) Windows 2000 Professional - sp3 (i386) Windows 2000 Professional - sp4 (i386) Windows 2000 Server - sp0 (i386) Windows 2000 Server - sp1 (i386) Windows 2000 Server - sp2 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Server - sp4 (i386) Windows 2000 Advanced Server - sp0 (i386) Windows 2000 Advanced Server - sp1 (i386) Windows 2000 Advanced Server - sp2 (i386) Windows 2000 Advanced Server - sp3 (i386) Windows 2000 Advanced Server - sp4 (i386) Windows XP Professional - sp0 (i386) Windows XP Professional - sp1 (i386) Windows XP Home Edition - sp0 (i386) Windows XP Home Edition - sp1 (i386) BlackICE PC Protection v3.6 cbz BlackICE PC Protection v3.6 ccb BlackICE PC Protection v3.6 ccf BlackICE Server Protection v3.6 cbz BlackICE Server Protection v3.6 ccf This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.