Sielco Sistemi Winlog < 2.07.18 Multiple Vulnerabilities
Critical Nessus Plugin ID 61494
SynopsisA SCADA application on the remote host is affected by multiple vulnerabilities.
DescriptionThe remote host has a version of Sielco Sistemi Winlog prior to 2.07.18 that is affected by the following vulnerabilities:
- A buffer overflow vulnerability exists in RunTime.exe could allow an attacker to execute arbitrary code on the remote host. It can be triggered by sending specially crafted packets to port 46824. (CVE-2012-3815)
- There are multiple buffer overflows that can be triggered by sending a specially crafted packet with a negative integer after an opcode to port 46824. This may give attackers the ability to execute arbitrary code. (CVE-2012-4355, CVE-2012-4358)
SolutionUpgrade to WinLog 2.07.18 or later.