Trihedral VTScada 6.5.x < 9.1.20 / 10.x < 10.2.22 / 11.x < 11.1.09 HTTP Server DoS

medium Nessus Plugin ID 84587

Synopsis

An application running on the remote host is affected by a denial of service vulnerability.

Description

The version of Trihedral Engineering VTScada installed on the remote host is prior to 9.1.20, 10.x prior to 10.2.22, or 11.x prior to 11.1.09. It is, therefore, affected by a denial of service vulnerability due to an integer overflow condition in the included HTTP server. A remote, unauthenticated attacker, using a crafted packet containing small negative content length, can exploit this issue to trigger a large memory allocation, resulting in a server crash.

Solution

Upgrade to Trihedral Engineering VTScada version 9.1.20 / 10.2.22 / 11.1.09 or later.

See Also

https://www.trihedral.com/help/#Op_Welcome/Wel_UpgradeNotes.htm

https://ics-cert.us-cert.gov/advisories/ICSA-14-343-02

Plugin Details

Severity: Medium

ID: 84587

File Name: scada_trihedral_vtscada_11_1_09.nbin

Version: 1.96

Type: local

Agent: windows

Family: SCADA

Published: 7/7/2015

Updated: 5/20/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2014-9192

Vulnerability Information

CPE: cpe:/a:trihedral:vtscada

Required KB Items: installed_sw/Trihedral Engineering VTScada

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/9/2014

Vulnerability Publication Date: 12/9/2014

Exploitable With

Core Impact

Reference Information

CVE: CVE-2014-9192

BID: 71591

ICSA: 14-343-02