Schneider Electric Accutech Manager Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is running Schneider Electric Accutech Manager and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code or cause the application to crash, creating a denial-of-service condition. Impact Level: System/Application

Solution

Upgrade to Schneider Electric Accutech Manager 2.00.4 or later. For updates refer to http://www.schneider-electric.com/site/home/index.cfm/ww/

Insight

The flaw is caused by an unspecified error, which can be exploited to cause a heap-based buffer overflow by sending a specially crafted GET request with more than 260 bytes to TCP port 2537.

Affected

Schneider Electric Accutech Manager version 2.00.1 and prior.

References

http://secunia.com/advisories/52034
http://www.exploit-db.com/exploits/24474
http://www.osvdb.org/89691
http://www.securelist.com/en/advisories/52034

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0658
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Shockwave Player ActiveX Control BOF Vulnerability
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Windows)
ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities
DATAC RealWin SCADA Server On_FC_CONNECT_FCS_a_FILE Buffer Overflow Vulnerability
avast! 'aswRdr.sys' Buffer Overflow Vulnerability

Take action and discover your vulnerabilities