LiveData Server Multiple Remote Vulnerabilities

Critical Nessus Plugin ID 25147


The remote host is running a SCADA server that is vulnerable to remote code execution and denial of service attacks.


The remote host is running a version of the LiveData ICCP server that is older than version 5.00.62. Such versions are affected by the following vulnerabilities:

- A heap overflow vulnerability can be triggered when processing malformed WSDL files via TCP, leading to arbitrary code execution subject to the privileges of the remote service. (CVE-2007-2489)

- A denial of service attack is possible using specially crafted Connection-Oriented Transport Protocol (COTP) packets. (CVE-2007-2490)


Upgrade to LiveData Server release 5.00.62 or later.

Plugin Details

Severity: Critical

ID: 25147

File Name: scada_iccp_livedata_dos.nbin

Version: $Revision: 1.12 $

Type: local

Family: SCADA

Published: 2007/05/03

Modified: 2016/10/18

Dependencies: 23813

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SCADA/ICCP/LiveData/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2007/05/02

Vulnerability Publication Date: 2007/05/02

Reference Information

CVE: CVE-2007-2489, CVE-2007-2490

BID: 23773, 23775

OSVDB: 35530, 35529

CERT: 711420