Executive Summary
Summary | |
---|---|
Title | IntelliCom NetBiter Config HICP hostname buffer overflow |
Informations | |||
---|---|---|---|
Name | VU#181737 | First vendor Publication | 2010-03-24 |
Vendor | VU-CERT | Last vendor Modification | 2010-03-26 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#181737IntelliCom NetBiter Config HICP hostname buffer overflowOverviewThe IntelliCom NetBiter Config HICP configuration utility has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config.I. DescriptionIntelliCom NetBiter devices are based on HMS Anybus technology. The HMS HICP protocol (3250/udp) provides a way to configure network settings for NetBiter and possibly other Anybus-based devices. The NetBiter Config HICP configuration utility (NetbiterConfig.exe) has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. Further details are available in the original post by Rubén Santamarta.II. ImpactAn attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config.III. SolutionUpgradeThis vulnerability is addressed in NetBiter Config version 1.3.1. Please see IntelliCom Security Bulletin ISFR-4404-0007.
References
This information was published by Rubén Santamarta. This document was written by Art Manion.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/181737 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63325 | Intellicom NetBiter webSCADA NetBiterConfig.exe hn Parameter Remote Overflow IntelliCom NetBiterConfig utility version 1.3.0 and earlier are prone to an overflow condition. The NetBiterConfig utility fails to properly sanitize user-supplied input (e.g., a hostname of 0x60 bytes) resulting in a stack-based overflow. With a specially crafted HICP-protocol UDP packet., a remote attacker can potentially cause the affected application to crash or execute arbitrary code. |
61018 | Intellicom NetBiter Config NetbiterConfig.exe Device Hostname Remote Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | IntelliCom NetBiter config utility hostname overflow attempt RuleID : 20052 - Revision : 5 - Type : PROTOCOL-SCADA |