search menu icon-carat-right cmu-wordmark

CERT Coordination Center


InduSoft NTWebServer web service stack-based buffer overflow

Vulnerability Note VU#506864

Original Release Date: 2011-01-12 | Last Revised: 2011-01-12

Overview

InduSoft NTWebServer web service contains a stack-based buffer overflow vulnerability.

Description

According to InduSoft's website: "InduSoft Web Studio™ is a powerful collection of automation tools that provide all the automation building blocks to develop HMIs, SCADA systems and embedded instrumentation solutions. Utilize InduSoft integrated Web technologies to take advantage of Internet/intranet connectivity." InduSoft NTWebServer runs a test web service on port 80/tcp. InduSoft NTWebServer test web service is vulnerable to a stack-based buffer overflow when more than 2048 bytes are written to the fixed-size stack buffer causing the test web service to write past the bounds of the buffer and corrupt the memory.

Impact

An attacker can cause the service to crash and may be able to execute arbitrary code.

Solution

Use IIS

InduSoft recommends using NTWebServer test web service only for development purposes and Microsoft IIS for production.


Restrict Access

Enable firewall rules to restrict access for port 80/tcp to only trusted sources.

Vendor Information

InduSoft's website lists other devices that may be using NTWebServer test web service that may also be vulnerable.

506864
Expand all

Advantech

Updated:  January 10, 2011

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.advantechdirect.com/emarketingprograms/AStudio_Patch/AStudio_Patch.htm

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

InduSoft

Updated:  January 12, 2011

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.indusoft.com/blog/?p=337

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

Thanks to Jeremy Brown for reporting this vulnerability to ICS-CERT.

This document was written by Michael Orlando.

Other Information

CVE IDs: None
Severity Metric: 71.28
Date Public: 2011-01-04
Date First Published: 2011-01-12
Date Last Updated: 2011-01-12 23:13 UTC
Document Revision: 27

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.