ProSoft RadioLinx ControlScape PRNG Weakness

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host has software that uses a weak password generator.

Description :

The remote host has a version of ProSoft RadioLinx ControlScape
installed that has a flaw in the random number generator. This flaw
could cause predictable passwords to be generated. A remote attacker
could potentially exploit this by using a brute force attack in order to
gain access to network devices managed by RadioLinx ControlScape.

See also :

http://www.nessus.org/u?675dcca3

Solution :

Upgrade to RadioLinx v6.00.040 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: SCADA

Nessus Plugin ID: 70416 ()

Bugtraq ID: 62238

CVE ID: CVE-2013-2803