CVE-2012-6442
https://notcve.org/view.php?id=CVE-2012-6442
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a reset. Los productos Rockwell Automation EtherNet/IP: 1756-ENBT, 1756-EWEB, 1768-ENBT, y los módulos de comunicación 1768-EWEB; CompactLogix L32E y controladores L35E; adaptador 1788-ENBT FLEXLogix; adaptador 1794-AENTR FLEX I/O EtherNet/IP; ControlLogix 18 y anteriores; CompactLogix 18 y anteriores; GuardLogix 18 y anteriores; SoftLogix 18 y anteriores; controladores CompactLogix 19 y anteriores; controladores SoftLogix 19 y anteriores; controladores ControlLogix 20 y anteriores; controladores GuardLogix 20 y anteriores; y MicroLogix 1100 y 1400 permiten a atacantes remotos causar una denegación de servicio (control y corte de la comunicación) a través de un mensaje CIP que especifica un reinicio. • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf https://tools.cisco.com/security/center/viewAlert.x?alertId=27862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-3739
https://notcve.org/view.php?id=CVE-2009-3739
Multiple unspecified vulnerabilities on the Rockwell Automation AB Micrologix 1100 and 1400 controllers allow remote attackers to obtain privileged access or cause a denial of service (halt) via unknown vectors. Múltiples vulnerabilidades sin especificar en Rockwell Automation AB Micrologix 1100 y 1400 controllers permite a atacantes remotos obtener privilegios de acceso o provocar una denegación de servicio (parada) a través de vectores desconocidos. • http://www.securityfocus.com/archive/1/508946/100/0/threaded •