Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:MISC:OMRON-CX-FLNET-RCE

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 HTTP

Keywords

 OMRON CX-FLNet Node Name Remote Code Execution

Release Date

 2018/04/24

Update Number

 3058

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: OMRON CX-FLNet Node Name Remote Code Execution


This signature detects attempts to exploit a known vulnerability against OMRON CX-FLNet Node Name. Successful exploitation could result in arbitrary code execution in the context of the target user.

Extended Description

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a heap-based buffer overflow.

Affected Products

  • Omron cx-flnet 1.00
  • Omron cx-one 4.42
  • Omron cx-programmer 9.65
  • Omron cx-protocol 1.992
  • Omron cx-server 5.0.22
  • Omron network_configurator 3.63
  • Omron switch_box_utility 1.68

References

  • CVE: CVE-2018-8834
  • URL: http://www.zerodayinitiative.com/advisories/zdi-18-290/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out