Rockwell Automation FactoryTalk Activation Server Multiple Denial of Service Vulnerabilities

Bugtraq ID:	51444
Class:	Design Error
CVE:	CVE-2012-0221 CVE-2012-0222
Remote:	Yes
Local:	No
Published:	Jan 17 2012 12:00AM
Updated:	Mar 28 2012 10:10PM
Credit:	Luigi Auriemma
Vulnerable:	Rockwall Automation RSLogix 5000 19 Rockwall Automation RSLogix 5000 18 Rockwall Automation RSLogix 5000 17 Rockwall Automation FactoryTalk Activation Server 3.2 Rockwall Automation FactoryTalk CPR9-SR5 Rockwall Automation FactoryTalk CPR9-SR4 Rockwall Automation FactoryTalk CPR9-SR3 Rockwall Automation FactoryTalk CPR9-SR2 Rockwall Automation FactoryTalk CPR9-SR1 Rockwall Automation FactoryTalk CPR9 Rockwall Automation FactoryTalk 0
Not Vulnerable:

Rockwell Automation FactoryTalk Activation Server Multiple Denial of Service Vulnerabilities

Rockwell Automation FactoryTalk Activation Server is prone to multiple remote denial-of-service vulnerabilities.

An attacker can exploit these issues to crash the affected application, denying service to legitimate users.

Rockwell Automation FactoryTalk Activation Server Multiple Denial of Service Vulnerabilities

The following exploit is available:

• /data/vulnerabilities/exploits/51444.zip

Rockwell Automation FactoryTalk Activation Server Multiple Denial of Service Vulnerabilities

Solution:
Vendor updates are available. Please see the references for more information.

Rockwell Automation FactoryTalk Activation Server Multiple Denial of Service Vulnerabilities

References:

• FactoryTalk Diagnostics Receiver Service Homepage (Rockwell Automation)
  
• FactoryTalk RNADiagReceiver (Luigi Auriemma)
  
• ICS-ALERT-12-017-01�??ROCKWELL AUTOMATION FACTORYTALK RNADIAGRECEIVER (CERT)
  
• ICSA-12-088-01�??ROCKWELL AUTOMATION FACTORYTALK RNADIAGRECEIVER DOS VULNERABILITI (ICS-CERT)