Moxa Device Manager Tool MDM2_Gateway Response Remote Overflow

high Nessus Plugin ID 52051

Synopsis

The remote host contains an application that is affected by a buffer overflow vulnerability.

Description

The remote Windows host has a version earlier than 2.3 of the Moxa Device Manager (MDM) Tool, used for managing embedded industrial control systems across the Internet. Such versions are affected by a buffer overflow vulnerability that can be triggered using a specially crafted MDM2_Gateway response.

If an attacker can trick a user into connecting with the affected application to a malicious gateway, he can leverage this issue to execute arbitrary code on the affected host, subject to the user's privileges.

Solution

Upgrade to Moxa Device Manager Tool 2.3 or later.

See Also

http://www.nessus.org/u?aff59b59

http://www.us-cert.gov/control_systems/pdf/ICS-Alert-10-293-02.pdf

https://www.moxa.com/support/download.aspx?d_id=2669

Plugin Details

Severity: High

ID: 52051

File Name: moxa_mdmtool_2_3.nbin

Version: 1.244

Type: local

Family: SCADA

Published: 2/21/2011

Updated: 11/22/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/10/2010

Vulnerability Publication Date: 10/20/2010

Exploitable With

Metasploit (MOXA Device Manager Tool 2.1 Buffer Overflow)

Reference Information

CVE: CVE-2010-4741

BID: 46156

Secunia: 43191