Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:FATEK-PLC-STACK-BO |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Fatek Automation PLC WinProladder Stack Buffer Overflow |
Release Date |
2017/02/28 |
Update Number |
2833 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Fatek Automation PLC WinProladder Stack Buffer Overflow
A stack-based buffer overflow exists in Fatek Automation PLC WinProladder. Successful exploitation could result in denial of service conditions or, in the worst case, arbitrary code execution in the context of the user running the application.
Extended Description
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Handler (SEH) overwrite condition that may allow remote code execution.
Affected Products
- Fatek_automation plc_winproladder_firmware 3.11
References
- BugTraq: 94938
- CVE: CVE-2016-8377