Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - Patchbag: WinZip / MPlayer / RealWin SCADA vuln InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Patchbag: WinZip / MPlayer / RealWin SCADA vuln

Published: 2008-09-29
Last Updated: 2008-09-29 20:28:18 UTC
by Daniel Wesemann (Version: 1)
0 comment(s)

A couple patches: WinZip11 on W2000 GDIlib vulnerability: http://update.winzip.com/wz112sr1.htm and MPlayer Buffer Overflow: http://www.ocert.org/advisories/ocert-2008-013.html

Further, the RealFlex RealWin 2.0 SCADA system seems vulnerable to a remote unauthenticated buffer overflow. No patch yet. If you run this software on your SCADA, now is the time to double-check if you have port tcp/910 nicely filtered. Otherwise, soon enough, someone else will be checking for you....:  http://www.securityfocus.com/archive/1/496759 and http://xforce.iss.net/xforce/xfdb/45465

0 comment(s)
Diary Archives