Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3489


Vulnerability Score 5.0 5.0
CVE Id CVE-2011-3489
Last Modified 13 Feb 2012 11:08:46
Published 16 Sep 2011 10:28:12
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



RnaUtility.dll in RsvcHost.exe in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted rna packet with a long string to TCP port 4446 that triggers (1) "a memset zero overflow" or (2) an out-of-bounds read, related to improper handling of a 32-bit size field.

Vulnerable Systems


  • Rockwellautomation Rslogix 19


XF - rslogix-rna-dos(69808)

BID - 49608


SREASON - 8383

Last Updated: 27 May 2016 10:58:14