This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
An application running on the remote host is affected by a denial of
The version of Trihedral Engineering VTScada installed on the remote
host is prior to 9.1.20, 10.x prior to 10.2.22, or 11.x prior to
11.1.09. It is, therefore, affected by a denial of service
vulnerability due to an integer overflow condition in the included
HTTP server. A remote, unauthenticated attacker, using a crafted
packet containing small negative content length, can exploit this
issue to trigger a large memory allocation, resulting in a server
See also :
Upgrade to Trihedral Engineering VTScada version 9.1.20 / 10.2.22 /
11.1.09 or later.
Risk factor :
High / CVSS Base Score : 7.8