Siemens Automation License Manager Denial of Service and ActiveX Control Vulnerabilities

Last Update Date: 29 Nov 2011 10:41 Release Date: 29 Nov 2011 5819 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have identified in Siemens Automation License Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) and manipulate certain data.

  1. An error in almsrvx.exe when processing certain requests can be exploited to cause an unhandled exception and terminate the service via a specially crafted packet sent to TCP port 4410.
  2. An NULL pointer dereference error in almsrvx.exe when processing certain requests can be exploited to crash the service via a specially crafted packet sent to TCP port 4410.
  3. The insecure "Save()" method in the ALMListView.ALMListCtrl ActiveX control (almaxcx.dll) can be exploited to create or overwrite arbitrary files with empty content in the context of the currently logged-on user.

Impact

  • Denial of Service
  • Data Manipulation

System / Technologies affected

  • Siemens Automation License Manager 5.x
  • Siemens Automation License Manager ActiveX Control 5.x

Solutions

  • Restrict access to trusted hosts only.
  • Set the kill-bit for the affected ActiveX control.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Novell NetWare XNFS.NLM "xdrDecodeString()" Buffer Overflow Vulnerability

25 Nov 2011 5370 Views

Next

Schneider Electric Products Multiple Vulnerabilities

30 Nov 2011 5713 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY