Ecava IntegraXor < 3.60.4081 Path Subversion Arbitrary DLL Injection Code Execution

critical Nessus Network Monitor Plugin ID 8403

Synopsis

A vulnerable version of Ecava IntegraXor has been detected.

Description

Ecava IntegraXor versions prior to 3.60.4081 contain a flaw in the way dynamic-link libraries (DLLs) are loaded. IntegraXor uses a fixed path to look for specific DLLs, but this path could include directories that are not trusted or under user control. If a malicious DLL with the same name as a required DLL is located in the application's current working directory, the malicious DLL will be loaded. This allows an attacker to execute custom code that will run with the privilege of the program or user executing the program. This attack could be leveraged remotely by placing the malicious file or library on a network share or archive downloaded from a remote source.

Solution

Upgrade to IntegraXor version 3.60.4081 or later.

See Also

http://www.nessus.org/u?063b0edb

http://www.integraxor.com/blog/security-issue-dll-hijacking-vulnerability-note/

https://ics-cert.us-cert.gov/alerts/ICS-ALERT-10-362-01

https://ics-cert.us-cert.gov/advisories/ICSA-11-147-01B

http://msdn.microsoft.com/en-us/library/ff919712(VS.85).aspx

Plugin Details

Severity: Critical

ID: 8403

Family: SCADA

Published: 9/25/2014

Updated: 3/6/2019

Nessus ID: 55026

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ecava:integraxor

Patch Publication Date: 5/30/2011

Vulnerability Publication Date: 5/30/2011

Reference Information

CVE: CVE-2010-4599

BID: 45549