7-Technologies IGSS < 9.0.0.11143 ODBC Remote Memory Corruption

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a SCADA application that is affected
by a memory corruption vulnerability.

Description :

The installed version of IGSS from 7-Technologies is earlier than
9.0.0.11143. As such, it potentially has a memory corruption error in
the Open Database Connectivity (ODBC) component listening on TCP port
20222.

Using specially crafted packets, an unauthenticated, remote attacker
could leverage this issue to execute arbitrary code with
administrative privileges.

See also :

http://www.7t.dk/igss/igssupdates/v90/progupdatesv90.zip
http://www.securityfocus.com/archive/1/518110/30/0/threaded

Solution :

Apply the IGSS Update to upgrade to IGSS version 9.0.0.11143 or
later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 54645 ()

Bugtraq ID: 47960

CVE ID: CVE-2011-2214