Schneider Electric Accutech Manager Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is running Schneider Electric Accutech Manager and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code or cause the application to crash, creating a denial-of-service condition. Impact Level: System/Application

Solution

Upgrade to Schneider Electric Accutech Manager 2.00.4 or later. For updates refer to http://www.schneider-electric.com/site/home/index.cfm/ww/

Insight

The flaw is caused by an unspecified error, which can be exploited to cause a heap-based buffer overflow by sending a specially crafted GET request with more than 260 bytes to TCP port 2537.

Affected

Schneider Electric Accutech Manager version 2.00.1 and prior.

References

http://secunia.com/advisories/52034
http://www.exploit-db.com/exploits/24474
http://www.osvdb.org/89691
http://www.securelist.com/en/advisories/52034

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0658

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Becky! Internet Mail Buffer Overflow Vulnerability
Adobe Air Buffer Overflow Vulnerability (Windows)
A-V Tronics InetServ POP3 Denial Of Service Vulnerability
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities