Cogent DataHub < 7.3.0 Multiple Vulnerabilities

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host has software installed that is affected by multiple
vulnerabilities.

Description :

The remote host has a version of Cogent DataHub installed that is
earlier than 7.3.0. It is, therefore, potentially affected by the
following vulnerabilities :

- By sending specially crafted data to the TCP service
listening on ports 4502 and 4503, it is possible to
trigger a NULL pointer dereference resulting in a
service crash. (CVE-2013-0681)

- The DataHub HTTP server is affected by a buffer
overflow that can be triggered by sending a specially
crafted HTTP request. Exploitation could potentially
result in arbitrary code execution or a service crash.
(CVE-2013-0680)

- The DataSim and DataPid programs are affected by a
denial of service vulnerability that can be triggered by
tricking a user into connecting the programs to a
malicious server. (CVE-2013-0683)

- Improper exception handling could allow attackers to
execute arbitrary code or trigger a denial of service
condition. (CVE-2013-0682)

Solution :

Upgrade to Cogent DataHub 7.3.0 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: SCADA

Nessus Plugin ID: 70557

Bugtraq ID: 58902, 58905, 58909, 58910

CVE ID: CVE-2013-0680, CVE-2013-0681, CVE-2013-0682, CVE-2013-0683