DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow

2008-10-03T00:00:00
ID SAINT:2CDE8FA8CB746C5DD8E7ECA08FF9A82F
Type saint
Reporter SAINT Corporation
Modified 2008-10-03T00:00:00

Description

Added: 10/03/2008
CVE: CVE-2008-4322
BID: 31418
OSVDB: 48606

Background

RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.

Problem

A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially crafted FC_INFOTAG/SET_CONTROL packet.

Resolution

Block access to port 910/TCP.

References

<http://archives.neohapsis.com/archives/bugtraq/2008-09/0297.html>

Limitations

Exploit works on DATAC Control RealWin SCADA System 2.0.

Platforms

Windows 2000
Windows Server 2003