Today, in what is probably record time, ICS-CERT published an
advisory for the Ecava IntegraXor buffer overflow vulnerability that was
reported yesterday in an ICS-CERT alert. The vulnerability was reported
yesterday by Luigi at the S4x14 security conference in Miami. Would that all
vulnerabilities could be resolved this quickly.
ICS-CERT notes that the vulnerability can be remotely exploited
by a relatively unskilled attacker using publicly available exploit code. A successful
exploit could result in a denial of service.
ICS-CERT reported that Ecava confirmed the existence of the
vulnerability and developed a patch for the problem, which is now available
online. Additionally, Ecava published a vulnerability
notice describing the problem and proposing some additional mitigation
measures that can be used to deal with the situation. There is no indication
that Luigi has had a chance to verify the efficacy of the mitigation measures.
It is understandable that Ecava management wants to get this problem
addressed as quickly as possible, since the exploit code is publicly available.
Specifically, Ecava notes that to successfully exploit this
vulnerability one needs the complete project URL. They suggest that users of
this system take care not to publish the full URL of projects. They also
suggest that system operators not use the default port with the system.
Ecava is to be commended on their quick response to this
issue.