RealFlex RealWin FC_RFUSER_FCS_LOGIN Buffer Overflow

2011-04-01T00:00:00
ID SAINT:C7938890448916AE9C5A3EBDC050862B
Type saint
Reporter SAINT Corporation
Modified 2011-04-01T00:00:00

Description

Added: 04/01/2011
CVE: CVE-2011-1563
BID: 46937

Background

RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.

Problem

A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially crafted FC_RFUSER_FCS_LOGIN packet.

Resolution

Block access to port 910/TCP.

References

<http://secunia.com/advisories/43848>

Limitations

Exploit works on RealFlex RealWin SCADA System 1.6 on Microsoft Windows Server 2003 SP2 with KB956802 and KB2393802.

Platforms

Windows 2003