ScadaTEC ScadaPhone and ModbusTagServer SCADA Remote Code Execution - Ver2 (CVE-2011-4535)

A stack buffer overflow vulnerability has been reported in ScadaTEC ScadaPhone and ModbusTagServer. The vulnerability is due to a boundary check error. A remote attacker can exploit this issue by enticing a victim to open a specially crafted ZIP archive file with the affected product. Successful...

ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0day)

No description provided by source. ?php / ScadaTEC ModbusTagServer & ScadaPhone .zip buffer overflow exploit 0day Date: 09/09/2011 Author: mrme @netninja Vendor: http://www.scadatec.com/ ScadaPhone Version: = 5.3.11.1230 ModbusTagServer Version: = 4.1.1.81 Tested on: Windows XP SP3...

ScadaTEC ScadaPhone and ModbusTagServer SCADA Remote Code Execution (CVE-2011-4535)

A stack buffer overflow vulnerability has been reported in ScadaTEC ScadaPhone and ModbusTagServer...

CVE-2011-4535

Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ZIP...

Buffer overflow

Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ZIP...

CVE-2011-4535

CVE-2011-4535 is a buffer overflow in TurboPower Abbrevia prior to 4.0, embedded in ScadaTEC ScadaPhone 5.3.11.1230 and ScadaTEC ModbusTagServer 4.1.1.81 and other products. The overflow occurs while handling ZIP files and can cause a denial of service or potentially allow arbitrary code executio...

ScadaTEC ScadaPhone & Modbus TagServer Buffer Overflow Vulnerability

OVERVIEW This advisory is a follow-up to the ICS-CERT alert titled ICS-ALERT-11-255-01—ScadaTEC ScadaPhone/ModbusTagServer Buffer Overflow, which was published September 12, 2011, on the ICS‑CERT Web page. On September 12, 2011, independent security researcher Steven Seeley publicly released a...

ScadaTEC ModbusTagServer ScadaPhone - .zip Local Buffer Overflow

ScadaTEC ModbusTagServer ScadaPhone - .zip Local Buffer Overflow mrme@neptune scadatec$ php zip.php -t modbustagserver mrme@neptune scadatec$ nc -v 192.168.114.141 4444 Connection to 192.168.114.141 4444 port tcp/krb524 succeeded! Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001...

ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Local Buffer Overflow

mrme@neptune scadatec$ php zip.php -t modbustagserver mrme@neptune scadatec$ nc -v 192.168.114.141 4444 Connection to 192.168.114.141 4444 port tcp/krb524 succeeded! Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp. C:\ScadaTEC\ModbusTagServer\Projects 'The reason they...

ScadaTEC ModbusTagServer / ScadaPhone Buffer Overflow

mrme@neptune scadatec$ php zip.php -t modbustagserver mrme@neptune scadatec$ nc -v 192.168.114.141 4444 Connection to 192.168.114.141 4444 port tcp/krb524 succeeded! Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp. C:\ScadaTEC\ModbusTagServer\Projects 'The reason they...

ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow (0day)

Exploit for windows platform in category local exploits email protected scadatec$ php zip.php -t modbustagserver email protected scadatec$ nc -v 192.168.114.141 4444 Connection to 192.168.114.141 4444 port tcp/krb524 succeeded! Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft...