SCADA: DATAC RealWin SCADA Server Multiple Buffer Overflow Vulnerabilities

This signature detects attempts to exploit a known multiple buffer overflow vulnerabilityiesin the DATAC RealWin SCADA Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

DATAC RealWin is prone to multiple remote buffer-overflow vulnerabilities because of a failure to properly bounds check user-supplied input. Attackers can leverage these issues to execute arbitrary code in the context of the application. Failed exploit attempts will cause a denial-of-service condition. DATAC RealWin versions 2.1 and prior are vulnerable; other versions may also be affected.

Affected Products

Datac_control_international realwin_scada_server

References

BugTraq: 46937

CVE: CVE-2011-1564

URL: http://aluigi.org/adv/realwin_2-adv.txt http://aluigi.org/adv/realwin_3-adv.txt http://aluigi.org/adv/realwin_4-adv.txt http://aluigi.org/adv/realwin_5-adv.txt http://aluigi.org/adv/realwin_6-adv.txt http://aluigi.org/adv/realwin_7-adv.txt http://aluigi.org/adv/realwin_8-adv.txt http://www.dataconline.com/software/realwin.php http://aluigi.altervista.org/adv/realwin_5-adv.txt http://www.us-cert.gov/control_systems/pdf/ICSA-11-110-01.pdf http://aluigi.altervista.org/adv/realwin_2-adv.txt http://aluigi.altervista.org/adv/realwin_3-adv.txt http://aluigi.altervista.org/adv/realwin_4-adv.txt http://aluigi.altervista.org/adv/realwin_8-adv.txt

Short Name

SCADA:DATAC-REALWIN-MULT-BOF

Severity

Critical

Recommended

False

Recommended Action

Drop

SCADA: DATAC RealWin SCADA Server Multiple Buffer Overflow Vulnerabilities

Extended Description

Affected Products

References

Found a potential security threat?