This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.
The remote host is running a SCADA server that is vulnerable to remote
code execution and denial of service attacks.
The remote host is running a version of the LiveData ICCP server that
is older than version 5.00.62. Such versions are affected by the
following vulnerabilities :
- A heap overflow vulnerability can be triggered when
processing malformed WSDL files via TCP leading to
arbitrary code execution subject to the privileges of
the remote service. (CVE-2007-2489)
- A denial of service attack is possible using specially
crafted Connection-Oriented Transport Protocol (COTP)
See also :
Upgrade to LiveData Server release 5.00.62 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false
Nessus Plugin ID: 25147 ()
Bugtraq ID: 2377323775
CVE ID: CVE-2007-2489CVE-2007-2490
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.