This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote Windows host contains a SCADA application that is affected
by multiple buffer overflow vulnerabilities.
The installed version of RealWin is earlier than 2.1.12 (2.1 Build
126.96.36.199) and thus reportedly affected by seven heap- and stack-based
buffer overflow vulnerabilities.
Using a specially crafted sequence of packets to the applications
services listening on TCP ports 910 and 912, an unauthenticated remote
attacker who can leverage this issue to crash the affected service or
to execute code on the affected host with SYSTEM-level privileges.
Note that while the vendor claims the vulnerabilities only affect the
demo version of RealWin, there is speculation that this is inaccurate
and that use of an encryption option in the commercial version only
serves to mitigate the risk of attack, not completely eliminate it.
Given that new versions of both the demo and commercial versions are
available, we feel the prudent course of action is for the plugin to
check only the version number.
See also :
Upgrade to RealWin version 2.1.12 (2.1 Build 188.8.131.52) or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true
Nessus Plugin ID: 53543 ()
Bugtraq ID: 46937
CVE ID: CVE-2011-1563CVE-2011-1564
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.