Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:8819B5D18F56BF874377E056C8FAD32B
HistoryNov 08, 2010 - 12:00 a.m.

DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

2010-11-0800:00:00
SAINT Corporation
my.saintcorporation.com
28

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.587 Medium

EPSS

Percentile

97.7%

JSON

Added: 11/08/2010
CVE: CVE-2010-4142
BID: 44150
OSVDB: 68812

Background

RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted SCPC_INITIALIZE or SCPC_INITIALIZE_RF packet to the RealWin SCADA server.

Resolution

Block access to port 912/TCP.

References

<http://aluigi.altervista.org/adv/realwin_1-adv.txt&gt;
<http://secunia.com/advisories/41849/&gt;

Limitations

Exploit works on RealWin SCADA 1.6.

Platforms

Windows

Related

cert 1
saint 3
prion 1
checkpoint_advisories 1
openvas 2
packetstorm 1
nvd 1
cvelist 1
cve 1
ics 1
cert
cert
RealFlex RealWin HMI service buffer overflows
2010-11-19 00:00:00
saint
saint
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
prion
prion
Stack overflow
2010-11-02 02:26:00
checkpoint_advisories
checkpoint_advisories
RealFlex RealWin SCADA SCPC_INITIALIZE Buffer Overflow (CVE-2010-4142)
2010-12-02 00:00:00
openvas
openvas
RealWin SCADA System Buffer Overflow Vulnerabilities
2010-11-02 00:00:00
RealWin SCADA System <= 2.1 Build 6.1.10.10 Multiple Buffer Overflow Vulnerabilities
2010-11-02 00:00:00
packetstorm
packetstorm
DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
2010-11-24 00:00:00
nvd
nvd
CVE-2010-4142
2010-11-02 02:26:36
cvelist
cvelist
CVE-2010-4142
2022-10-03 16:21:04
cve
cve
CVE-2010-4142
2022-10-03 16:21:04
ics
ics
GLEG Agora SCADA+ Exploit Pack
2018-09-06 12:00:00

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.587 Medium

EPSS

Percentile

97.7%

JSON
Related for SAINT:8819B5D18F56BF874377E056C8FAD32B
cert1saint3prion1checkpoint_advisories1openvas2packetstorm1nvd1cvelist1cve1ics1