Signature Detail
Short Name |
SCADA:SUNWAY-FORCECONTROL-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SCADA |
Keywords |
Sunway Forcecontrol SNMP NetDBServer.exe Overflow |
Release Date |
2012/10/31 |
Update Number |
2199 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Sunway Forcecontrol SNMP NetDBServer.exe Overflow
This signature detects attempts to exploit a known flaw in Sunway Forcecontrol SNMP NetDBServer. A stack based buffer overflow has been found in the SNMP NetDBServer service of Sunway Forcecontrol <= 6.1 sp3. The overflow is triggered when sending an overly long string to the listening service on port 2001. A successful attack may result in arbitrary code execution.
Extended Description
Sunway ForceControl is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, retrieve arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible. Sunway ForceControl versions 6.1 sp3 and prior are vulnerable.
Affected Products
- Sunway ForceControl 6.1 SP1
- Sunway ForceControl 6.1 SP2
- Sunway ForceControl 6.1 SP3
References
- BugTraq: 49747
- CVE: CVE-2011-2960