Lucene search
SAINT CorporationSAINT:D6693FECB85BD69FAED8425450AB4C27HistoryNov 08, 2010 - 12:00 a.m.
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-0800:00:00
SAINT Corporation
www.saintcorporation.com
20
0.587 Medium
EPSS
Percentile
97.8%
Added: 11/08/2010
CVE: CVE-2010-4142
BID: 44150
OSVDB: 68812
Background
RealWin is a Supervisory Control and Data Acquisition (SCADA) server which is distributed by DATAC.
Problem
A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted SCPC_INITIALIZE or SCPC_INITIALIZE_RF packet to the RealWin SCADA server.
Resolution
Block access to port 912/TCP.
References
<http://aluigi.altervista.org/adv/realwin_1-adv.txt>
<http://secunia.com/advisories/41849/>
Limitations
Exploit works on RealWin SCADA 1.6.
Platforms
Windows
Related
cert
cert
RealFlex RealWin HMI service buffer overflows
2010-11-19 00:00:00
openvas
openvas
RealWin SCADA System Buffer Overflow Vulnerabilities
2010-11-02 00:00:00
checkpoint_advisories
checkpoint_advisories
RealFlex RealWin SCADA SCPC_INITIALIZE Buffer Overflow (CVE-2010-4142)
2010-12-02 00:00:00
nvd
nvd
CVE-2010-4142
2010-11-02 02:26:36
packetstorm
packetstorm
DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
2010-11-24 00:00:00
saint
saint
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
2010-11-08 00:00:00
cvelist
cvelist
CVE-2010-4142
2022-10-03 16:21:04
prion
prion
Stack overflow
2010-11-02 02:26:00
cve
cve
CVE-2010-4142
2022-10-03 16:21:04
ics
ics
GLEG Agora SCADA+ Exploit Pack
2018-09-06 12:00:00