Schneider Electric Accutech Manager HTTP Request Processing Buffer Overflow Vulnerability

Secunia ID	SA52034
CVE-ID	CVE-2013-0658
Release Date	31 Jan 2013
Last Change	13 Feb 2013
Criticality	Moderately Critical
Solution Status	Unpatched
Software	Schneider Electric Accutech Manager 2.x
Where	From local network
Impact	System access This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Description	A vulnerability has been reported in Schneider Electric Accutech Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within RFManagerService.exe when processing HTTP requests and can be exploited to cause a heap-based buffer overflow by sending a specially crafted GET request with more than 260 bytes to TCP port 2537. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 2.00.1 and prior.
Solution	No official solution is currently available. A fix is scheduled to be released on February 28th, 2013.
Reported by	The vendor credits Aaron Portnoy, Exodus Intelligence.
Original Advisory	Schneider: http://www.schneider-electric.com/sites/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/01/20130121_advisory_of_vulnerability_affecting_accutech_manager_software.xml SEVD 2013-021-01: http://download.schneider-electric.com/files?p_File_Id=35974872&p_File_Name=SEVD-2013-021-01A.pdf http://download.schneider-electric.com/files?p_File_Id=36024724&p_File_Name=SEVD-2013-021-01A.pdf

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.