Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Patchbag: WinZip / MPlayer / RealWin SCADA vuln - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Patchbag: WinZip / MPlayer / RealWin SCADA vuln

A couple patches: WinZip11 on W2000 GDIlib vulnerability: http://update.winzip.com/wz112sr1.htm and MPlayer Buffer Overflow: http://www.ocert.org/advisories/ocert-2008-013.html

Further, the RealFlex RealWin 2.0 SCADA system seems vulnerable to a remote unauthenticated buffer overflow. No patch yet. If you run this software on your SCADA, now is the time to double-check if you have port tcp/910 nicely filtered. Otherwise, soon enough, someone else will be checking for you....:  http://www.securityfocus.com/archive/1/496759 and http://xforce.iss.net/xforce/xfdb/45465

Daniel

367 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!