Netbiter Config NetbiterConfig.exe Device Hostname Remote Overflow
High Nessus Plugin ID 43614
SynopsisThe remote Windows host contains a program that is affected by a buffer overflow vulnerability.
DescriptionThe Netbiter Config utility is installed on the remote Windows host.
It is a configuration utility used to query and set TCP/IP network settings in NetBiter WebSCADA devices.
According to its version, the installed version of this utility does not properly handle specially crafted UDP packets with values of the 'hn' parameter longer than 32 bytes.
An anonymous remote attacker may be able to exploit this issue to overflow the application's stack and thereby execute arbitrary code subject to the privileges of the user who launched the utility. Note, though, that the flaw is reportedly triggered only when the user double-clicks on a list-box item.
SolutionUpgrade to Netbiter Config version 1.3.1 or later.