Lucene search
SAINT CorporationSAINT:2CDE8FA8CB746C5DD8E7ECA08FF9A82FHistoryOct 03, 2008 - 12:00 a.m.
DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow
2008-10-0300:00:00
SAINT Corporation
download.saintcorporation.com
34
0.303 Low
EPSS
Percentile
97.0%
Added: 10/03/2008
CVE: CVE-2008-4322
BID: 31418
OSVDB: 48606
Background
RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.
Problem
A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially crafted FC_INFOTAG/SET_CONTROL packet.
Resolution
Block access to port 910/TCP.
References
<http://archives.neohapsis.com/archives/bugtraq/2008-09/0297.html>
Limitations
Exploit works on DATAC Control RealWin SCADA System 2.0.
Platforms
Windows 2000
Windows Server 2003
Related
prion
prion
Stack overflow
2008-09-29 19:25:00
cvelist
cvelist
CVE-2008-4322
2008-09-29 19:00:00
cert
cert
RealFlex RealWin buffer overflow
2008-12-02 00:00:00
checkpoint_advisories
checkpoint_advisories
saint
saint
DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow
2008-10-03 00:00:00
DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow
2008-10-03 00:00:00
DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow
2008-10-03 00:00:00
packetstorm
packetstorm
DATAC RealWin SCADA Server Buffer Overflow
2009-11-26 00:00:00
cve
cve
CVE-2008-4322
2008-09-29 19:25:59
nvd
nvd
CVE-2008-4322
2008-09-29 19:25:59