CVE-2012-1800 Information

Description

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2 S612 V2 and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.

Reference

http://osvdb.org/81034 http://support.automation.siemens.com/WW/view/en/59869684 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdf