Cogent DataHub < 6.4.3 OPC Client Reconnection Saturation Remote DoS

Medium Nessus Plugin ID 91622

Synopsis

The remote host is running an application that is affected by a denial of service vulnerability.

Description

The remote host is running a version of Cogent DataHub that is prior to 6.4.3. It is, therefore, affected by a denial of service vulnerability that is triggered during the handling of a saturation of reconnection attempts. An unauthenticated, remote attacker can exploit this to crash the service.

Solution

Upgrade to Cogent DataHub version 6.4.3 or later.

See Also

http://www.softwaretoolbox.com/cogentdatahub/RevisionHistory/6.4.07.txt

Plugin Details

Severity: Medium

ID: 91622

File Name: scada_cogent_datahub_6_4_3.nbin

Version: $Revision: 1.20 $

Type: remote

Family: SCADA

Published: 2016/06/15

Modified: 2018/05/21

Dependencies: 70556

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:cogentdatahub:cogent_datahub

Required KB Items: SCADA/cogent_datahub

Patch Publication Date: 2008/03/02

Vulnerability Publication Date: 2008/03/02