This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detect remote buffer overflow in realwin.
DATAC RealWin is a SCADA (Supervisory Control And Data Acquisition) server for Microsoft Windows platforms.
RealWin is prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Specifically, attackers can send specially crafted 'SCPC_INITIALIZE', 'SCPC_INITIALIZE_RF' or 'SCPC_TXTEVENT' packets to a vulnerable server to trigger these issues.
Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed exploit attempts will cause a denial-of-service condition.
DATAC RealWin versions 2.0 and prior are vulnerable; others may also be affected.
- DATAC RealWin versions 2.0 and prior are vulnerable; others may also be affected.