Sielco Sistemi Winlog < 2.07.18 Multiple Vulnerabilities

This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.

Synopsis :

A SCADA application on the remote host is affected by multiple

Description :

The remote host has a version of Sielco Sistemi Winlog prior to
2.07.18 that is affected by the following vulnerabilities:

- A buffer overflow vulnerability exists in RunTime.exe
could allow an attacker to execute arbitrary code on the
remote host. It can be triggered by sending specially
crafted packets to port 46824. (CVE-2012-3815)

- There are multiple buffer overflows that can be
triggered by sending a specially crafted packet with a
negative integer after an opcode to port 46824. This
may give attackers the ability to execute arbitrary
code. (CVE-2012-4355, CVE-2012-4358)

See also :

Solution :

Upgrade to WinLog 2.07.18 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 61494 ()

Bugtraq ID: 53811

CVE ID: CVE-2012-4355

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now