Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface. This issue is corrected in version 3.5.5 of the x87 executable. To obtain a patch or upgrade software please contact your vendor. The x87 executable is considered obsolete in newer versions of the PCU 400 and should be replaced
by the newer x88 or x89 executable where applicable.
Link to contact information: http://www.abb.com/industries/db0003db004333/c12573e7003305cbc1257074003d0702.aspx?productLanguageus&countryUS&tabKeyContacts
Publication date: Mon, 29 Sep 2008 22:17:00 +0000