Cogent DataHub < 7.3.4 Malformed POST Request Buffer Overflow RCE

Severity: High. Nessus Plugin ID: 72486

Synopsis

The remote host is running an application that is affected by a remote code execution vulnerability.

Description

The remote host is running a version of Cogent DataHub, formerly known as Cascade DataHub and OFC DataHub, that is prior to 7.3.4. It is, therefore, affected by a remote code execution vulnerability that is triggered when handling malformed POST query strings. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code in the context of the DataHub process.

Solution

Upgrade to Cogent DataHub version 7.3.4 or later.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-13-252/

Plugin Details

Severity: High

ID: 72486

File Name: scada_cogent_datahub_7_3_4.nbin

Version: 1.57

Type: remote

Family: SCADA

Published: 2/13/2014

Updated: 7/19/2022

Configuration: Enable paranoid mode, Enable thorough checks

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cogentdatahub:cogent_datahub

Required KB Items: Settings/ParanoidReport, SCADA/cogent_datahub

Exploit Ease: No known exploits are available

Patch Publication Date: 10/21/2013

Vulnerability Publication Date: 11/24/2013

Reference Information

BID: 63397