WellinTech KingView 6.53 < 2010-12-15 HistorySvr.exe TCP Request Remote Overflow

critical Nessus Plugin ID 59375


The remote Windows host contains an application that is affected by a remote buffer overflow vulnerability.


According to its version, the instance of WellinTech KingView installed on the remote Windows host is affected by a remote buffer overflow vulnerability. A flaw exists inside of 'nettransdll.dll' that may permit unauthenticated, remote attackers to execute arbitrary code in the context of the application. 'HistorySrv.exe' listens on port 777, and when a long request is received it may trigger a heap overflow.


Install the patch referenced in the vendor's advisory.

See Also




Plugin Details

Severity: Critical

ID: 59375

File Name: scada_kingview_6_53_2010-12-15.nbin

Version: 1.189

Type: local

Agent: windows

Family: SCADA

Published: 6/5/2012

Updated: 11/30/2022

Supported Sensors: Nessus Agent

Risk Information


Risk Factor: High

Score: 7.4


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:F/RL:OF/RC:C

CVSS Score Source: CVE-2011-0406

Vulnerability Information

CPE: cpe:/a:wellintech:kingview

Required KB Items: SCADA/Apps/WellinTech/KingView/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/15/2010

Vulnerability Publication Date: 1/9/2011

Exploitable With

Core Impact

ExploitHub (EH-14-257)

Reference Information

CVE: CVE-2011-0406

BID: 45727

CERT: 180119

EDB-ID: 15957

ICS-ALERT: 11-111-01