___________________________________________________________________ Insomnia Security Vulnerability Advisory: ISVA-110427.1 ___________________________________________________________________ Name: IGSS ODBC Service Remote Overflow Vulnerability Released: 27 April 2011 Vendor Link: http://www.igss.com Affected Products: IGSS (Interactive Graphical SCADA System) v9 Original Advisory: http://www.insomniasec.com/advisories/ISVA-110427.1.htm Researcher: James Burton, Insomnia Security http://www.insomniasec.com ___________________________________________________________________ _______________ Description _______________ IGSS (Interactive Graphical SCADA System) is a complete automation software - a SCADA system for process control and supervision. It was developed by 7-Technologies and is the first world's first object orientated, mouse operated SCADA system. A remote stack overflow vulnerability exists in the IGSS ODBC service. No authentication is required to exploit this vulnerability. _______________ Details _______________ The ODBC service component of IGSS listens on port 20222/tcp by default. The application layer protocol runs over TCP and reads an initial packet that specifies the amount of data to follow. A second read then takes place and the data is copied into a variable length buffer. Next the data is parsed and during this process a buffer overflow occurs on the stack. At minimum this vulnerability leads to denial of service though remote code execution may be possible. _______________ Solution _______________ Download the latest version using the IGSS Update application found under the Information and Support menu of IGSS Master. Alternatively email support (at) igss.com for more information. _______________ Legals _______________ The information is provided for research and educational purposes only. Insomnia Security accepts no liability in any form whatsoever for any direct or indirect damages associated with the use of this information. ___________________________________________________________________ Insomnia Security Vulnerability Advisory: ISVA-110427.1 ___________________________________________________________________ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/