DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

2010-11-08T00:00:00
ID SAINT:8819B5D18F56BF874377E056C8FAD32B
Type saint
Reporter SAINT Corporation
Modified 2010-11-08T00:00:00

Description

Added: 11/08/2010
CVE: CVE-2010-4142
BID: 44150
OSVDB: 68812

Background

RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted SCPC_INITIALIZE or SCPC_INITIALIZE_RF packet to the RealWin SCADA server.

Resolution

Block access to port 912/TCP.

References

<http://aluigi.altervista.org/adv/realwin_1-adv.txt>
<http://secunia.com/advisories/41849/>

Limitations

Exploit works on RealWin SCADA 1.6.

Platforms

Windows