SAINT Corporation
SAINT:D08FB60AC38DA0FEB50371B3274B724E
Mar 01, 2012 - 12:00 a.m.

ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow

2012-03-01 00:00:00
SAINT Corporation
my.saintcorporation.com

CVSS2: 10 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.132 Low
Percentile: 95.6%

Added: 03/01/2012
CVE: CVE-2012-0245
BID: 52123
OSVDB: 79476

Background

ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks, including managing communication with connected robot controllers.

Problem

WebWare Server (4.6 through 4.91) for Windows is vulnerable to a buffer overflow in the RobNetScanHost service when processing incoming announcements about robot controller availability on the subnet. By sending a specially crafted packet to the server, a remote attacker could possibly execute arbitrary code on the vulnerable target.

Resolution

Apply patches as described in ABB Vulnerability Security Advisory ABB-VU-DMRO-38599.

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-033/>
<http://secunia.com/advisories/48090/>

Limitations

This exploit has been tested on ABB WebWare Server 4.91 on Microsoft Windows XP SP3 English (DEP OptIn) with no further patches.

Platforms

Windows
