Rockwell Automation RSLinx Classic ENGINE.dll Stack Buffer Overflow
High Nessus Plugin ID 119265
SynopsisA SCADA application running on the remote host is affected by a remote code execution vulnerability.
DescriptionThe RSLinx Classic running on the remote host is affected by a remote code execution vulnerability due to a stack buffer overflow condition when handling an EtherNet/IP message received on TCP port 44818. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to execute arbitrary code.
Note that RSLinx Classic is reportedly affected by additional vulnerabilities; however, this plugin has not tested for these.
SolutionPatches are available for versions 4.00.01, 3.90.01, 3.81, 3.80, 3.74, and 3.60. See vendor Knowledgebase Article ID 1075712 for more details.