Siemens Scalance X Switches 'HTTP' Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/52933
Security Info
Bugtraq ID: 52933
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2012-1802
Remote: Yes
Local: No
Published: Apr 09 2012 12:00AM
Updated: Apr 11 2012 10:40PM
Credit: Jürgen Bilberger, Daimler TSS GmbH
Vulnerable:
Siemens Scalance XR-300 0
Siemens Scalance X414-3E 0
Siemens Scalance X308-2M 0
Siemens Scalance X-300EEC 0
Siemens Scalance X-300 0
Not Vulnerable:
Security Discussion
Siemens Scalance X Switches are prone to a denial-of-service vulnerability.
Successfully exploiting this issue allows an attacker to reboot the affected device, denying service to legitimate users.
The following versions are vulnerable:
Scalance X414-3E running firmware versions prior to 3.7.1
Scalance X switches running firmware versions prior to 3.7.2
Proof of Concept and Security Exploits
Attackers can use readily available tools to exploit this issue.
Security Solution(s)
Solution:
Vendor updates are available. Please see the references for more information.
Security Reference(s)
References:
Scalance X Switches Homepage (Siemens)
ICSA-12-102-04 - SIEMENS SCALANCE X BUFFER OVERFLOW VULNERABILITY (ICS-CERT)
SSA-130874: Multiple Security Vulnerabilities in Siemens Scalance X Switches (Siemens)
Site Updated June 19, 2013