PowerNet Twin Client 'RFSynC' Denial Of Service Vulnerability Network Vulnerability

Summary

The host is running PowerNet Twin Client and is prone to denial of service vulnerability.

Impact

Successful exploitation may allow remote attackers to cause the application to crash, creating a denial of service condition. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

A signedness error in 'RFSync.exe' when processing certain requests, can be exploited to cause a crash via a specially crafted request sent to TCP port 1804.

Affected

PowerNet Twin Client 8.9 and prior

References

http://aluigi.altervista.org/adv/powernet_1-adv.txt
http://secunia.com/advisories/49754/
http://www.exploit-db.com/exploits/19456/

Updated on 2017-03-28

Severity

Classification

CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
cfengine AuthenticationDialogue vulnerability
Adersoft VbsEdit '.vbs' File Denial Of Service Vulnerability
freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
Abyss httpd crash

PowerNet Twin Client 'RFSynC' Denial of Service Vulnerability

Take action and discover your vulnerabilities