Advantech WebAccess < 7.2-2014.06.06 Multiple Vulnerabilities

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.

Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The remote host has a version of Advantech WebAccess prior to version
7.2-2014.06.06. It is, therefore, affected by multiple
vulnerabilities :

- Multiple stack overflows can be triggered with overly
long strings to the 'ProjectName', 'SetParameter',
'NodeName', 'CCDParameter', 'SetColor', 'AlarmImage',
'GetParameter', 'GetColor', 'ServerResponse', 'SetBaud',
and 'IPAddress' parameters of the webvact.ocx, dvs.ocx,
and webdact.ocx ActiveX files. (CVE-2014-2364)

- An unspecified flaw exists in WebAccess that allows an
attacker to create or delete arbitrary files.

- The pAdminPg.asp component includes the password of the
specified account in the underlying HTML.

- The ChkCookie subroutine in the
broadweb\include\gChkCook.asp ActiveX control can be
abused to bypass authentication. (CVE-2014-2367)

- The 'BrowseFolder' method of the bwocxrun ActiveX
control allows navigation from the Internet to a local
file. (CVE-2014-2368)

See also :

Solution :

Upgrade to Advantech WebAccess version 7.2-2014.06.06 or higher.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 73643 ()

Bugtraq ID: 68714

CVE ID: CVE-2014-2364

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now