var-201109-0168
Vulnerability from variot
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. Service.exe has multiple boundary errors when processing messages, and sending a specially crafted command to TCP port 11234 can trigger a stack-based buffer overflow. Measuresoft ScadaPro provides integrated data phone, monitoring, logging, report generation and more. Measuresoft ScadaPro has a security vulnerability. The \"xF\" command can be used to call any function in any DLL, such as executing the application via the \"system()\" function in msvcrt.dll. Measuresoft ScadaPro has a security vulnerability and sends a special \"RF\" command to TCP port 11234 to get arbitrary file content. Exploiting these issues could allow remote attackers to perform unauthorized actions using directory traversal strings or to execute arbitrary code or commands within the context of the affected application. Failed attempts will likely cause denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201109-0168", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "scadapro", "scope": "eq", "trust": 3.0, "vendor": "easuresoft", "version": "4.0.0.0" }, { "model": "scadapro", "scope": "lte", "trust": 1.8, "vendor": "measuresoft", "version": "4.0.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.15" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.13" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.8" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.7" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.10" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.14" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.9" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.6" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.11" }, { "model": "scadapro", "scope": "eq", "trust": 1.6, "vendor": "measuresoft", "version": "3.9.12" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.1.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.5.1" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4.1" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.5.5" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4.3" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.3.2" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.9.4" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.2.9" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.3.1" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.1" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.9.5" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.8.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.2.8" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.5.2" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.5.4" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.7.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4.4" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.5" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.9.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4.6" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.7.1" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.3" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4.2" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.4.5" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.3.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.5.3" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.9.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.6.0" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.7.2" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.9.3" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "2.2" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.9.1" }, { "model": "scadapro", "scope": "eq", "trust": 1.0, "vendor": "measuresoft", "version": "3.9.2" }, { "model": "scadapro", "scope": "eq", "trust": 0.3, "vendor": "measuresoft", "version": "4.0" }, { "model": "scadapro", "scope": "eq", "trust": 0.3, "vendor": "measuresoft", "version": "0" }, { "model": "scadapro", "scope": "ne", "trust": 0.3, "vendor": "measuresoft", "version": "4.0.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.4.6" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.5.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.5.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.5.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.5.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.5.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.6.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.7.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.7.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "2.9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.1.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.2.8" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.2.9" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.3.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.3.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.3.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.6" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.7" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.8" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.9" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.10" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.11" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.12" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.13" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "3.9.15" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scadapro", "version": "*" } ], "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" }, { "db": "BID", "id": "49613" }, { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "NVD", "id": "CVE-2011-3496" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:2.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:measuresoft:scadapro:3.9.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-3496" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Luigi Auriemma", "sources": [ { "db": "BID", "id": "49613" } ], "trust": 0.3 }, "cve": "CVE-2011-3496", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2011-3496", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "a45c75f2-2354-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-3496", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201109-269", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "CRITICAL" } ] } ], "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "NVD", "id": "CVE-2011-3496" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. Service.exe has multiple boundary errors when processing messages, and sending a specially crafted command to TCP port 11234 can trigger a stack-based buffer overflow. Measuresoft ScadaPro provides integrated data phone, monitoring, logging, report generation and more. Measuresoft ScadaPro has a security vulnerability. The \\\"xF\\\" command can be used to call any function in any DLL, such as executing the application via the \\\"system()\\\" function in msvcrt.dll. Measuresoft ScadaPro has a security vulnerability and sends a special \\\"RF\\\" command to TCP port 11234 to get arbitrary file content. \nExploiting these issues could allow remote attackers to perform unauthorized actions using directory traversal strings or to execute arbitrary code or commands within the context of the affected application. Failed attempts will likely cause denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2011-3496" }, { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" }, { "db": "BID", "id": "49613" }, { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" } ], "trust": 4.77 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "49613", "trust": 4.1 }, { "db": "NVD", "id": "CVE-2011-3496", "trust": 2.9 }, { "db": "ICS CERT ALERT", "id": "ICS-ALERT-11-256-04", "trust": 2.4 }, { "db": "EXPLOIT-DB", "id": "17848", "trust": 1.6 }, { "db": "SREASON", "id": "8382", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201109-269", "trust": 0.8 }, { "db": "OSVDB", "id": "75571", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2011-002235", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2011-3670", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2011-3674", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2011-3676", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2011-3675", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2011-3673", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-11-263-01", "trust": 0.3 }, { "db": "IVD", "id": "A45C75F2-2354-11E6-ABEF-000C29C66E3D", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" }, { "db": "BID", "id": "49613" }, { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "NVD", "id": "CVE-2011-3496" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "id": "VAR-201109-0168", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" } ], "trust": 4.2 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 3.2 } ], "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" } ] }, "last_update_date": "2023-12-18T12:58:23.455000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "scada-products", "trust": 0.8, "url": "http://www.measuresoft.com/products/scada-products.aspx" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-002235" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "NVD", "id": "CVE-2011-3496" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "http://aluigi.altervista.org/adv/scadapro_1-adv.txthttp" }, { "trust": 2.4, "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-04.pdf" }, { "trust": 1.9, "url": "http://aluigi.altervista.org/adv/scadapro_1-adv.txt" }, { "trust": 1.6, "url": "http://www.exploit-db.com/exploits/17848" }, { "trust": 1.0, "url": "http://securityreason.com/securityalert/8382" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3496" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3496" }, { "trust": 0.8, "url": "http://osvdb.org/75571" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/49613" }, { "trust": 0.3, "url": "http://www.measuresoft.com/products/scada-products.aspx" }, { "trust": 0.3, "url": "/archive/1/519637" }, { "trust": 0.3, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-263-01.pdf" }, { "trust": 0.3, "url": "http://www.measuresoft.net/news/post/inaccurate-reports-of-measuresoft-scadapro-400-vulnerability.aspx" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" }, { "db": "BID", "id": "49613" }, { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "NVD", "id": "CVE-2011-3496" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2011-3670" }, { "db": "CNVD", "id": "CNVD-2011-3674" }, { "db": "CNVD", "id": "CNVD-2011-3676" }, { "db": "CNVD", "id": "CNVD-2011-3675" }, { "db": "CNVD", "id": "CNVD-2011-3673" }, { "db": "BID", "id": "49613" }, { "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "db": "NVD", "id": "CVE-2011-3496" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-09-19T00:00:00", "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3670" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3674" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3676" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3675" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3673" }, { "date": "2011-09-13T00:00:00", "db": "BID", "id": "49613" }, { "date": "2011-09-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "date": "2011-09-16T17:26:14.747000", "db": "NVD", "id": "CVE-2011-3496" }, { "date": "2011-09-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3670" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3674" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3676" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3675" }, { "date": "2011-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2011-3673" }, { "date": "2011-09-20T21:30:00", "db": "BID", "id": "49613" }, { "date": "2011-09-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002235" }, { "date": "2012-02-14T04:08:47.447000", "db": "NVD", "id": "CVE-2011-3496" }, { "date": "2011-09-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201109-269" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201109-269" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Measuresoft ScadaPro service.exe Input validation vulnerability", "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation", "sources": [ { "db": "IVD", "id": "a45c75f2-2354-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201109-269" } ], "trust": 0.8 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.