cnvd-2015-08446
Vulnerability from cnvd
Title
Schneider Electric Modicon M340 PLC BMXNOx和BMXPx栈缓冲溢出漏洞
Description
Schneider Electric Modicon M340 PLC BMXNOx和BMXPx都是法国施耐德电气(Schneider Electric)公司的可编程控制器产品。GoAhead Web Server是其中的一款嵌入式Web服务器。 Schneider Electric Modicon M340 PLC BMXNOx和BMXPx设备的GoAhead Web Server中存在栈缓冲区溢出漏洞。远程攻击者可借助HTTP Basic Authentication数据中较长的密码利用该漏洞执行任意代码。
Severity
Patch Name
Schneider Electric Modicon M340 PLC BMXNOx和BMXPx栈缓冲溢出漏洞的补丁
Patch Description
Schneider Electric Modicon M340 PLC BMXNOx和BMXPx都是法国施耐德电气(Schneider Electric)公司的可编程控制器产品。GoAhead Web Server是其中的一款嵌入式Web服务器。 Schneider Electric Modicon M340 PLC BMXNOx和BMXPx设备的GoAhead Web Server中存在栈缓冲区溢出漏洞。远程攻击者可借助HTTP Basic Authentication数据中较长的密码利用该漏洞执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01

Reference
https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01 http://www.securityfocus.com/bid/79622
Impacted products
Name
Schneider Electric Modicon M340
Show details on source website

To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "79622"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-7937"
    }
  },
  "description": "Schneider Electric Modicon M340 PLC BMXNOx\u548cBMXPx\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\u4ea7\u54c1\u3002GoAhead Web Server\u662f\u5176\u4e2d\u7684\u4e00\u6b3e\u5d4c\u5165\u5f0fWeb\u670d\u52a1\u5668\u3002\r\n\r\nSchneider Electric Modicon M340 PLC BMXNOx\u548cBMXPx\u8bbe\u5907\u7684GoAhead Web Server\u4e2d\u5b58\u5728\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9HTTP Basic Authentication\u6570\u636e\u4e2d\u8f83\u957f\u7684\u5bc6\u7801\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Nir Giller",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-08446",
  "openTime": "2015-12-24",
  "patchDescription": "Schneider Electric Modicon M340 PLC BMXNOx\u548cBMXPx\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\u4ea7\u54c1\u3002GoAhead Web Server\u662f\u5176\u4e2d\u7684\u4e00\u6b3e\u5d4c\u5165\u5f0fWeb\u670d\u52a1\u5668\u3002\r\n\r\nSchneider Electric Modicon M340 PLC BMXNOx\u548cBMXPx\u8bbe\u5907\u7684GoAhead Web Server\u4e2d\u5b58\u5728\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9HTTP Basic Authentication\u6570\u636e\u4e2d\u8f83\u957f\u7684\u5bc6\u7801\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Schneider Electric Modicon M340 PLC BMXNOx\u548cBMXPx\u6808\u7f13\u51b2\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider Electric Modicon M340"
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01\r\nhttp://www.securityfocus.com/bid/79622",
  "serverity": "\u9ad8",
  "submitTime": "2015-12-23",
  "title": "Schneider Electric Modicon M340 PLC BMXNOx\u548cBMXPx\u6808\u7f13\u51b2\u6ea2\u51fa\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.