[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] nSense-2011-005: Scadatec Procyon core server



      nSense Vulnerability Research Security Advisory NSENSE-2011-005
      ---------------------------------------------------------------

      Affected Vendor:    Scadatec
      Affected Product:   Procyon core server <=1.06
      Platform:           Windows
      Impact:             Remote code execution
      Vendor response:    New version released
      CVE:                None
      Credit:             Knud / nSense

      Technical details
      ---------------------------------------------------------------
      The coreservice.exe process contains a remotely exploitable
      memory corruption flaw which allows for remode code execution.
      The affected component is coreservice.exe, which listens on port
      23, running as SYSTEM. Sending a long string will trigger the
      overflow.

      Timeline:
      20110412     Contacted ICS-CERT
      20110527     Vendor communicates with ICS-CERT, working on fix
      20110720     Independtly rediscovered by Steven Seeley/Stratsec
      20110708     ICS-CERT provides link to fixed version
      20110708     nSense validates fix is working as intended
      20110804     ICS-CERT releases advisory to US-CERT portal
      20110907     ICS-CERT releases public advisory

      Solution
      Contact the vendor for an updated version:
      http://www.scadatec.co.uk/

      Links:
      http://www.nsense.fi                       http://www.nsense.dk



      $$s$$$$s.   ,s$$$$s   ,S$$$$$s.  $$s$$$$s.   ,s$$$$s   ,S$$$$$s.
      $$$  `$$$  ($$(       $$$  `$$$  $$$  `$$$  ($$(       $$$  `$$$
      $$$   $$$    `^$$s.   $$$$$$$$$  $$$   $$$    `^$$s.   $$$$$$$$$
      $$$   $$$       )$$)  $$$        $$$   $$$       )$$)  $$$
      $$$   $$$  ^$$$$$$7    `7$$$$$P  $$$   $$$  ^$$$$$$7   `7$$$$$P

                     D r i v e n   b y   t h e   c h a l l e n g e _

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/