PT-2016-1125 · Advantech · Webaccess

Publicado

2016-01-15

Atualizado

2016-12-06

CVE-2016-0860

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Advantech WebAccess versions prior to 8.1

Description The issue is caused by a buffer overflow in the BwpAlarm subsystem, allowing remote attackers to cause a denial of service via a crafted RPC request. This can be exploited by sending a specially formed RPC request to the affected system.

Recommendations For versions prior to 8.1, update to version 8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the BwpAlarm subsystem to minimize the risk of exploitation.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2016-00384

CVE-2016-0860

ZDI-16-058

ZDI-16-074

Produtos afetados

Webaccess

PT-2016-1125 · Advantech · Webaccess

CVE-2016-0860

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8