CVE-2010-4142

Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 SCPCINITIALIZE, 2 SCPCINITIALIZERF, or 3 SCPCTXTEVENT packet. NOTE: it was later reported that 1.06 is...

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow

No description provided by source. $Id: realwinscpcinitializerf.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow

No description provided by source. $Id: realwinscpcinitialize.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow

No description provided by source. $Id: realwinscpctxtevent.rb 11125 2010-11-24 13:44:46Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

DATAC RealWin <= 2.0 (Build 6.1.8.10) Buffer Overflow Vulnerabilities

No description provided by source. Source: http://aluigi.org/adv/realwin1-adv.txt Luigi Auriemma Application: DATAC RealWin http://www.dataconline.com/software/realwin.php http://www.realflex.com Versions: = 2.0 Build 6.1.8.10 Platforms: Windows Bugs: A stack overflow in SCPCINITIALIZE and...

DATAC RealWin SCADA Server Buffer Overflow

No description provided by source. $Id: realwin.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

DATAC RealWin SCADA Server 2.0 Remote Stack Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31418/info DATAC RealWin SCADA server is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execut...

DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE BoF

Exploit for windows platform in category remote exploits $Id: realwinonfcbinfilea.rb 12975 2011-06-20 04:01:47Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...

Vulnerabilities in some SCADA server softwares

The following are almost all the vulnerabilities I found for a quick experiment some months ago in certain well known server-side SCADA softwares still vulnerable in this moment. In case someone doesn't know SCADA like me before the tests: it's just one or more softwares usually a core, a graphic...

DATAC RealWin - Multiple Vulnerabilities

Sources: http://aluigi.org/adv/realwin2-adv.txt http://aluigi.org/adv/realwin3-adv.txt http://aluigi.org/adv/realwin4-adv.txt http://aluigi.org/adv/realwin5-adv.txt http://aluigi.org/adv/realwin6-adv.txt http://aluigi.org/adv/realwin7-adv.txt http://aluigi.org/adv/realwin8-adv.txt Advisory Archiv...

DATAC RealWin - Multiple Vulnerabilities

DATAC RealWin - Multiple Vulnerabilities Sources: http://aluigi.org/adv/realwin2-adv.txt http://aluigi.org/adv/realwin3-adv.txt http://aluigi.org/adv/realwin4-adv.txt http://aluigi.org/adv/realwin5-adv.txt http://aluigi.org/adv/realwin6-adv.txt http://aluigi.org/adv/realwin7-adv.txt...

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow (Metasploit)

$Id: realwinscpcinitialize.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow

$Id: realwinscpctxtevent.rb 11125 2010-11-24 13:44:46Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow (Metasploit)

$Id: realwinscpctxtevent.rb 11125 2010-11-24 13:44:46Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

Added: 11/08/2010 CVE: CVE-2010-4142 BID: 44150 OSVDB: 68812 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

Added: 11/08/2010 CVE: CVE-2010-4142 BID: 44150 OSVDB: 68812 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

CVE-2010-4142

Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 SCPCINITIALIZE, 2 SCPCINITIALIZERF, or 3 SCPCTXTEVENT packet. NOTE: it was later reported that 1.06 is...

CVE-2010-4142

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10 and earlier) is affected by stack-based buffer overflows in SCPC_INITIALIZE, SCPC_INITIALIZE_RF, and SCPC_TXTEVENT handling. Exploitation could crash the service and, in some cases, allow remote arbitrary code execution. Known affected versions inclu...

CVE-2010-4142

Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 SCPCINITIALIZE, 2 SCPCINITIALIZERF, or 3 SCPCTXTEVENT packet. NOTE: it was later reported that 1.06 is...

DATAC RealWin SCADA Server SCPC_SCPC_INITIALIZE Buffer Overflow

$Id: realwinscpcinitialize.rb 10734 2010-10-18 21:20:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...