Ecava IntegraXor < 3.60.4081 Path Subversion Arbitrary DLL Injection Code Execution

High Nessus Network Monitor Plugin ID 8403

Synopsis

A vulnerable version of Ecava IntegraXor has been detected.

Description

Ecava IntegraXor versions prior to 3.60.4081 contain a flaw in the way dynamic-link libraries (DLLs) are loaded. IntegraXor uses a fixed path to look for specific DLLs, but this path could include directories that are not trusted or under user control. If a malicious DLL with the same name as a required DLL is located in the application's current working directory, the malicious DLL will be loaded. This allows an attacker to execute custom code that will run with the privilege of the program or user executing the program. This attack could be leveraged remotely by placing the malicious file or library on a network share or archive downloaded from a remote source.

Solution

Upgrade to IntegraXor version 3.60.4081 or later.

See Also

http://www.nessus.org/u?063b0edb

http://www.integraxor.com/blog/security-issue-dll-hijacking-vulnerability-note/

https://ics-cert.us-cert.gov/alerts/ICS-ALERT-10-362-01

https://ics-cert.us-cert.gov/advisories/ICSA-11-147-01B

http://msdn.microsoft.com/en-us/library/ff919712(VS.85).aspx

Plugin Details

Severity: High

ID: 8403

Family: SCADA

Published: 2014/09/25

Modified: 2016/01/30

Dependencies: 1442

Nessus ID: 55026

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:ND/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ecava:integraxor

Patch Publication Date: 2011/05/30

Vulnerability Publication Date: 2011/05/30

Reference Information

CVE: CVE-2010-4599

BID: 45549