Lucene search

[email protected]CVE-2010-4709

HistoryJan 28, 2011 - 4:00 p.m.

CVE-2010-4709

2011-01-2816:00:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4709

automated solutions

modbus

tcp

master opc server

buffer overflow

denial of service

crash

execute arbitrary code

nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.702 High

EPSS

Percentile

98.0%

JSON

Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.

Affected configurations

NVD

Node

automatedsolutionsmodbus\/tcp_master_opc_serverRange≤3.0.1

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.0

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.0_build_1

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.0a

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.1

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.2

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.2a

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.3

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.3a

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.4

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.4a

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.5

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.6

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.6a

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.6b

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7a

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7b

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7c

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7d

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7e

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.7f

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.8

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.9

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.9.1

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.9.4

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.9.5

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.9_build_2.9.3

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.10

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.11

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.12

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.12.1

automatedsolutionsmodbus\/tcp_master_opc_serverMatch2.12.3

automatedsolutionsmodbus\/tcp_master_opc_serverMatch3.0.0

CPENameOperatorVersion
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc serverle3.0.1
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.0
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.0_build_1
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.0a
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.1
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.2
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.2a
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.3
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.3a
automatedsolutions:modbus\/tcp_master_opc_serverautomatedsolutions modbus/tcp master opc servereq2.4

CPE	Name	Operator	Version
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	le	3.0.1
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.0
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.0_build_1
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.0a
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.1
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.2
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.2a
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.3
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.3a
automatedsolutions:modbus\/tcp_master_opc_server	automatedsolutions modbus/tcp master opc server	eq	2.4

Rows per page:

1-10 of 341

References

automatedsolutions.com/pub/asmbtcpopc/readme.htm

secunia.com/advisories/43029

www.exploit-db.com/exploits/16040

www.kb.cert.org/vuls/id/768840

www.securityfocus.com/bid/45974

www.us-cert.gov/control_systems/pdf/ICSA-10-322-02A.pdf

www.vupen.com/english/advisories/2011/0209

exchange.xforce.ibmcloud.com/vulnerabilities/64944

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.702 High

EPSS

Percentile

98.0%

JSON

Related for CVE-2010-4709

prion1 nvd1 cert1 cvelist1 ics1