Tenable Network Security
Solutions Products Nessus Demos Partners Online Store
Nessus
Download
Plugins
     Newest Plugins
     Obtain an activation code
     View all plugins
     Search
Documentation
Register
Buy Now
ProfessionalFeed Support
Bugs
All the Tenable Products

Automated Solutions Modbus TCP Slave ActiveX Heap Corruption Vulnerability
This script is Copyright (C) 2007 Tenable Network Security, Inc.

FamilySCADA
Nessus Plugin ID26066 ()
Bugtraq ID25713
CVE ID

Description:

Synopsis :

The remote Windows host has an ActiveX control that is affected by a
buffer overflow vulnerability.

Description :

The remote host contains the Automated Solutions Modbus TCP Slave
ActiveX control, which allows a PC to emulate a Modbus Serial and/or
TCP slave device.

The version of this control installed on the remote host reportedly
contains a buffer overflow issue with the Modbus/TCP Diagnostic
function (FC8). Using specially-crafted Modbus requests. An
unauthenticated remote attacker may be able to leverage this issue to
execute arbitrary code remotely subject to the privileges of the user
running the MiniHMI.exe program.

See also :

http://dvlabs.tippingpoint.com/advisory/TPTI-07-15
http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0330.html
http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm

Solution :

Upgrade to version Automated Solutions Modbus Slave ActiveX Control
version 1.5 or later.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
About us | Whitepapers | Training | Discussion Forums | Support Portal | Blog | RSS feeds | Contact us | Legal | Privacy

© Copyright 2002 - 2010 Tenable Network Security(R). All Rights Reserved.

This is the web site for the Nessus Vulnerability Scanner from Tenable Network Security. If you are looking for the probabilistic analysis software from Southwest Research Institute, please visit www.nessus.swri.org