Secunia
Login
|
|
CVE Reference: CVE-2011-4530 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2011-4530 |
|
|
Description: Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME or (2) grant->VERSION function. |
|
|
CVE Status: Candidate |
|
|
References: MISC http://aluigi.altervista.org/adv/almsrvx_1-adv.txt http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf CONFIRM http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content http://support.automation.siemens.com/WW/view/en/114358 |
|
| Return to the previous page. |
