Lucene search

[email protected]CVE-2009-4462

HistoryDec 30, 2009 - 8:00 p.m.

CVE-2009-4462

2009-12-3020:00:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4462

netbiterconfig

buffer overflow

remote code execution

nvd

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.778 High

EPSS

Percentile

98.3%

JSON

Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet.

Affected configurations

NVD

Node

intellicomnetbiterconfigMatch1.3.0

AND

intellicomnetbiter_webscada_ws100

intellicomnetbiter_webscada_ws200

CPENameOperatorVersion
intellicom:netbiterconfigintellicom netbiterconfigeq1.3.0

CPE	Name	Operator	Version
intellicom:netbiterconfig	intellicom netbiterconfig	eq	1.3.0

References

blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/

reversemode.com/index.php?option=com_content&task=view&id=65&Itemid=1

support.intellicom.se/getfile.cfm?FID=150&FPID=85

www.kb.cert.org/vuls/id/181737

www.securityfocus.com/archive/1/508449/100/0/threaded

www.securityfocus.com/bid/37325

www.vupen.com/english/advisories/2009/3542

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.778 High

EPSS

Percentile

98.3%

JSON

Related for CVE-2009-4462

cvelist1 prion1 nvd1 cert1