Overview
The lm_tcp service in Invensys Wonderware InBatch and Foxboro I/A Series Batch contains a buffer overflow vulnerability when coping string data into a buffer in a fixed structure.
Description
From the Invensys Wonderware website: "InBatch is powerful software that can be used in the most complex batching processes that require a high level of flexibility." Wonderware InBatch runs a database lock manager (lm_tcp) service that listens (manually or automatically during the launching of "Environment Display/Manager") on port 9001. Foxboro I/A Series Batch includes an application with the same service. The service in both products is vulnerable to a buffer overflow when copying a string into a buffer of 150 bytes which is part of a fixed structure. |
Impact
An attacker can cause the device to crash and may be able to execute arbitrary code. |
Solution
Upgrade |
Restrict Access
|
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was publicly disclosed by Luigi Auriemma.
This document was written by Michael Orlando.
Other Information
| CVE IDs: | None |
| Severity Metric: | 24.41 |
| Date Public: | 2010-12-08 |
| Date First Published: | 2010-12-15 |
| Date Last Updated: | 2010-12-16 12:20 UTC |
| Document Revision: | 26 |