CERT-In Advisory CIAD-2007-21
LiveData Protocol Server Heap Overflow Vulnerability
Original issue date: May 08, 2007
Severity Rating: High
System Affected
Overview
A vulnerability has been reported in LiveData Protocol Server which could be exploited by a remote attacker to execute arbitrary code on the affected system or to cause a denial of service.
Description
LiveData is a provider of real-time data acquisition and processing software. LiveData Protocol Server is used in SCADA environments to record and transmit data to other control points in process control networks. The LiveData server includes an HTTP server that offers a SOAP interface to the product.
A heap overflow vulnerability has been reported in LiveData Protocol Server due to an error within the handling of requests for Web Services Description Language (WSDL) files.
A remote attacker could send a specially crafted request to the service on port 8080/tcp that causes a negative length value to be passed to a strncpy call. Because strncpy takes its length argument as an unsigned size_t, the negative value is interpreted as a very large positive value. As a result, the copy writes data past the end of the heap buffer and a memory access violation occurs.
Successful exploitation of the vulnerability could lead to remote code execution with system privileges on the affected system, or could crash the LiveDataServer service.
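The following is an added example written for this advisory, not LiveData's code, to show the bug class described above: a signed length taken from the request reaches strncpy unchecked, the conversion to size_t turns a negative value into a huge bound, and strncpy then pads the destination with NUL bytes until it walks off the end of the heap buffer. The request layout (a 4-byte big-endian signed length followed by the WSDL name) and the function names are assumptions for illustration only; the advisory does not describe the real request format.

```c
/*
 * Added example, not LiveData's code. The request layout and all names
 * below are hypothetical and chosen only to illustrate the bug class.
 */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define NAME_BUF 64   /* heap buffer that receives the requested WSDL name */

/* Hypothetical request: 4-byte big-endian signed length, then the name.
 * The remote client controls both fields. */
int parse_request_length(const unsigned char *req)
{
    return (int)(((uint32_t)req[0] << 24) | ((uint32_t)req[1] << 16) |
                 ((uint32_t)req[2] << 8)  |  (uint32_t)req[3]);
}

/* What strncpy actually receives when handed an int: size_t is unsigned,
 * so -1 becomes SIZE_MAX, -16 becomes SIZE_MAX - 15, and so on. */
size_t length_as_seen_by_strncpy(int len)
{
    return (size_t)len;
}

/* Vulnerable pattern (do not call with a negative length): the bound comes
 * from the request unchecked. strncpy copies src up to its NUL and then keeps
 * writing NUL bytes until it has touched 'len' bytes of dst, so a huge len
 * overruns the 64-byte heap buffer no matter how short src is. */
char *handle_wsdl_request_vulnerable(const unsigned char *req)
{
    int len = parse_request_length(req);
    char *name = malloc(NAME_BUF);
    if (!name)
        return NULL;
    strncpy(name, (const char *)req + 4, (size_t)len);   /* heap overflow */
    name[NAME_BUF - 1] = '\0';
    return name;
}

/* Hardened pattern: validate the signed length against both the remaining
 * request and the destination before it is ever converted to size_t, and
 * reject bad requests rather than clamping them. */
char *handle_wsdl_request_safe(const unsigned char *req, size_t req_len)
{
    if (req_len < 4)
        return NULL;
    int len = parse_request_length(req);
    /* negative, longer than the data actually sent, or no room for the NUL */
    if (len < 0 || (size_t)len > req_len - 4 || (size_t)len >= NAME_BUF)
        return NULL;
    char *name = malloc(NAME_BUF);
    if (!name)
        return NULL;
    memcpy(name, req + 4, (size_t)len);
    name[len] = '\0';
    return name;
}
```

The check in handle_wsdl_request_safe is the one a patch for this class of bug needs: the comparison must happen while the value is still signed (or the field must be parsed as unsigned from the start), because once it has been cast to size_t a negative length is indistinguishable from a legitimate but enormous one.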
Workaround
- Block or restrict access to the LiveData Protocol Server (8080/tcp) from untrusted networks such as the internet.
Solution
Update to the latest version provided by the vendor:
http://www.livedata.com/content/view/46/23/
References
iDefense Labs
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=523
US-CERT
http://www.kb.cert.org/vuls/id/213516
Secunia
http://secunia.com/advisories/25076/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003