Vulnerability Description
Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sielcosistemi | Winlog Pro | <= 2.07.00 |
Related Weaknesses (CWE)
References
- http://aluigi.org/adv/winlog_1-adv.txtExploit
- http://osvdb.org/70418
- http://secunia.com/advisories/42894Vendor Advisory
- http://securityreason.com/securityalert/8280
- http://www.exploit-db.com/exploits/15992Exploit
- http://www.kb.cert.org/vuls/id/496040US Government Resource
- http://www.securityfocus.com/bid/45813Exploit
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf
- http://www.vupen.com/english/advisories/2011/0126Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64716
- http://aluigi.org/adv/winlog_1-adv.txtExploit
- http://osvdb.org/70418
- http://secunia.com/advisories/42894Vendor Advisory
- http://securityreason.com/securityalert/8280
- http://www.exploit-db.com/exploits/15992Exploit
FAQ
What is CVE-2011-0517?
CVE-2011-0517 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code...
How severe is CVE-2011-0517?
CVE-2011-0517 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0517?
Check the references section above for vendor advisories and patch information. Affected products include: Sielcosistemi Winlog Pro.