CVE-2010-4709

Description

Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.

Affected products

• automatedsolutions / modbus/tcp_master_opc_server3.0.1
• automatedsolutions / modbus/tcp_master_opc_server2.0 – 2.0
• automatedsolutions / modbus/tcp_master_opc_server2.0_build_1 – 2.0_build_1
• automatedsolutions / modbus/tcp_master_opc_server2.0a – 2.0a
• automatedsolutions / modbus/tcp_master_opc_server2.1 – 2.1
• automatedsolutions / modbus/tcp_master_opc_server2.2 – 2.2
• automatedsolutions / modbus/tcp_master_opc_server2.2a – 2.2a
• automatedsolutions / modbus/tcp_master_opc_server2.3 – 2.3
• automatedsolutions / modbus/tcp_master_opc_server2.3a – 2.3a
• automatedsolutions / modbus/tcp_master_opc_server2.4 – 2.4
• automatedsolutions / modbus/tcp_master_opc_server2.4a – 2.4a
• automatedsolutions / modbus/tcp_master_opc_server2.5 – 2.5
• automatedsolutions / modbus/tcp_master_opc_server2.6 – 2.6
• automatedsolutions / modbus/tcp_master_opc_server2.6a – 2.6a
• automatedsolutions / modbus/tcp_master_opc_server2.6b – 2.6b
• automatedsolutions / modbus/tcp_master_opc_server2.7 – 2.7
• automatedsolutions / modbus/tcp_master_opc_server2.7a – 2.7a
• automatedsolutions / modbus/tcp_master_opc_server2.7b – 2.7b
• automatedsolutions / modbus/tcp_master_opc_server2.7c – 2.7c
• automatedsolutions / modbus/tcp_master_opc_server2.7d – 2.7d
• automatedsolutions / modbus/tcp_master_opc_server2.7e – 2.7e
• automatedsolutions / modbus/tcp_master_opc_server2.7f – 2.7f
• automatedsolutions / modbus/tcp_master_opc_server2.8 – 2.8
• automatedsolutions / modbus/tcp_master_opc_server2.9 – 2.9
• automatedsolutions / modbus/tcp_master_opc_server2.9.1 – 2.9.1
• automatedsolutions / modbus/tcp_master_opc_server2.9.4 – 2.9.4
• automatedsolutions / modbus/tcp_master_opc_server2.9.5 – 2.9.5
• automatedsolutions / modbus/tcp_master_opc_server2.9_build_2.9.3 – 2.9_build_2.9.3
• automatedsolutions / modbus/tcp_master_opc_server2.10 – 2.10
• automatedsolutions / modbus/tcp_master_opc_server2.11 – 2.11
• automatedsolutions / modbus/tcp_master_opc_server2.12 – 2.12
• automatedsolutions / modbus/tcp_master_opc_server2.12.1 – 2.12.1
• automatedsolutions / modbus/tcp_master_opc_server2.12.3 – 2.12.3
• automatedsolutions / modbus/tcp_master_opc_server3.0.0 – 3.0.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/64944
• MISChttp://www.securityfocus.com/bid/45974
• MISChttp://www.kb.cert.org/vuls/id/768840
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2011/0209
• VENDOR_ADVISORYhttp://secunia.com/advisories/43029
• EXPLOIThttp://www.exploit-db.com/exploits/16040
• MISChttp://automatedsolutions.com/pub/asmbtcpopc/readme.htm
• MISChttp://www.us-cert.gov/control_systems/pdf/ICSA-10-322-02A.pdf