ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow

Added: 03/01/2012
CVE: CVE-2012-0245
BID: 52123
OSVDB: 79476

Background

ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks, including managing communication with connected robot controllers.

Problem

WebWare Server (4.6 through 4.91) for Windows is vulnerable to a buffer overflow in the RobNetScanHost service when processing incoming announcements about robot controller availability on the subnet. By sending a specially crafted packet to the server, a remote attacker could possibly execute arbitrary code on the vulnerable target.

Resolution

Apply patches as described in ABB Vulnerability Security Advisory ABB-VU-DMRO-38599.

References

http://www.zerodayinitiative.com/advisories/ZDI-12-033/
http://secunia.com/advisories/48090/

Limitations

This exploit has been tested on ABB WebWare Server 4.91 on Microsoft Windows XP SP3 English (DEP OptIn) with no further patches.

Platforms

Windows

Back to exploit index