7-Technologies Interactive Graphical SCADA System Buffer Overflow Vulnerability

Bugtraq ID:	51157
Class:	Boundary Condition Error
CVE:	CVE-2011-4537
Remote:	Yes
Local:	No
Published:	Dec 21 2011 12:00AM
Updated:	Dec 21 2011 12:00AM
Credit:	Celil Unuver of SignalSEC LLC
Vulnerable:	7-Technologies Interactive Graphical SCADA System 9.0.0.11355 7-Technologies Interactive Graphical SCADA System 9.0.0.11200 7-Technologies Interactive Graphical SCADA System 9.0.0.11143 7-Technologies Interactive Graphical SCADA System 9.0.0.11129 7-Technologies Interactive Graphical SCADA System 9 7-Technologies Interactive Graphical SCADA System 8 7-Technologies Interactive Graphical SCADA System 7
Not Vulnerable:

7-Technologies Interactive Graphical SCADA System Buffer Overflow Vulnerability

7-Technologies Interactive Graphical SCADA System is prone to a buffer-overflow vulnerability.

Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.

7-Technologies Interactive Graphical SCADA System 9.0.0.11355 and prior versions are vulnerable.

7-Technologies Interactive Graphical SCADA System Buffer Overflow Vulnerability

Currently we are not aware of publicly available exploits. If you feel we are in error or if you are aware of more recent information please mail us at: [email protected].

7-Technologies Interactive Graphical SCADA System Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.

7-Technologies Interactive Graphical SCADA System Buffer Overflow Vulnerability

References:

• IGSS - Interactive Graphical SCADA System Homepage (7-Technologies)
  
• ICSA-11-355-01�??7-TECHNOLOGIES IGSS BUFFER OVERFLOW (ICS-CERT)