|Check Point Reference:||CPAI-2012-383|
|Date Published:||25 Nov 2012|
|Protection Provided by:||
|Who is Vulnerable?|| Sielco Sistemi WinLog Lite Prior to 2.07. 00|
Sielco Sistemi WinLog Pro Prior to 2.07. 00
|Vulnerability Description||A stack-based buffer overflow vulnerability has been reported in Sielco Sistemi Winlog server.|
|Vulnerability Details||The vulnerability is due to insufficient sanitation of TCP requests. A remote attacker can exploit this issue by sending a specially crafted TCP request to the affected server. Successful exploitation would allow an attacker to execute arbitrary code on the target server.|
This protection will detect and block the transferring of specially crafted requests.
- In the IPS tab, click Protections and find the Sielco Sistemi Winlog Server Buffer Overflow protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
SmartView Tracker will log the following entries:
Attack Name: SCADA Protection Violation
Attack Information: Sielco Sistemi Winlog Server Buffer Overflow