Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:9141802236C0FE45D47F6257EFDC505A
HistoryNov 08, 2010 - 12:00 a.m.

DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

2010-11-0800:00:00
SAINT Corporation
download.saintcorporation.com
15

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.587 Medium

EPSS

Percentile

97.8%

JSON

Added: 11/08/2010
CVE: CVE-2010-4142
BID: 44150
OSVDB: 68812

Background

RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted SCPC_INITIALIZE or SCPC_INITIALIZE_RF packet to the RealWin SCADA server.

Resolution

Block access to port 912/TCP.

References

<http://aluigi.altervista.org/adv/realwin_1-adv.txt&gt;
<http://secunia.com/advisories/41849/&gt;

Limitations

Exploit works on RealWin SCADA 1.6.

Platforms

Windows

Related

cert 1
openvas 2
checkpoint_advisories 1
nvd 1
packetstorm 1
saint 3
cvelist 1
prion 1
cve 1
ics 1
cert
cert
RealFlex RealWin HMI service buffer overflows
2010-11-19 00:00:00
openvas
openvas
RealWin SCADA System Buffer Overflow Vulnerabilities
2010-11-02 00:00:00
RealWin SCADA System <= 2.1 Build 6.1.10.10 Multiple Buffer Overflow Vulnerabilities
2010-11-02 00:00:00
checkpoint_advisories
checkpoint_advisories
RealFlex RealWin SCADA SCPC_INITIALIZE Buffer Overflow (CVE-2010-4142)
2010-12-02 00:00:00
nvd
nvd
CVE-2010-4142
2010-11-02 02:26:36
packetstorm
packetstorm
DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
2010-11-24 00:00:00
saint
saint
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
cvelist
cvelist
CVE-2010-4142
2022-10-03 16:21:04
prion
prion
Stack overflow
2010-11-02 02:26:00
cve
cve
CVE-2010-4142
2022-10-03 16:21:04
ics
ics
GLEG Agora SCADA+ Exploit Pack
2018-09-06 12:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.587 Medium

EPSS

Percentile

97.8%

JSON
Related for SAINT:9141802236C0FE45D47F6257EFDC505A
cert1openvas2checkpoint_advisories1nvd1packetstorm1saint3cvelist1prion1cve1ics1