Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:181737
HistoryMar 24, 2010 - 12:00 a.m.

IntelliCom NetBiter Config HICP hostname buffer overflow

2010-03-2400:00:00
www.kb.cert.org
30

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.797

Percentile

98.3%

JSON

Overview

The IntelliCom NetBiter Config HICP configuration utility has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config.

Description

IntelliCom NetBiter devices are based on HMS Anybus technology. The HMS HICP protocol (3250/udp) provides a way to configure network settings for NetBiter and possibly other Anybus-based devices. The NetBiter Config HICP configuration utility (NetbiterConfig.exe) has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. Further details are available in the original post by Rubén Santamarta.

Impact

An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config.

Solution

Upgrade

This vulnerability is addressed in NetBiter Config version 1.3.1. Please see IntelliCom Security Bulletin ISFR-4404-0007.

Restrict access

Restrict access to SCADA, DCS, and other control system networks.

Vendor Information

181737

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

IntelliCom Innovation AB __ Affected

Updated: March 19, 2010

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

Please see IntelliCom Security Bulletin ISFR-4404-0007.

Vendor References

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This information was published by Rubén Santamarta.

This document was written by Art Manion.

Other Information

CVE IDs: CVE-2009-4462
Severity Metric: 0.48 Date Public:

Related

exploitdb 2
nvd 1
cve 1
cvelist 1
prion 1
exploitdb
exploitdb
HMS HICP Protocol + Intellicom - 'NetBiterConfig.exe' Remote Buffer Overflow
2009-12-14 00:00:00
Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow (PoC)
2009-12-14 00:00:00
nvd
nvd
CVE-2009-4462
2009-12-30 20:00:01
cve
cve
CVE-2009-4462
2009-12-30 20:00:01
cvelist
cvelist
CVE-2009-4462
2009-12-30 19:00:00
prion
prion
Stack overflow
2009-12-30 20:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.797

Percentile

98.3%

JSON
Related for VU:181737
exploitdb2nvd1cve1cvelist1prion1