Lucene search
HistorySep 16, 2011 - 2:28 p.m.
CVE-2011-3490
cve-2011-3490
buffer overflow
denial of service
remote attackers
measuresoft scadapro
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.053 Low
EPSS
Percentile
93.1%
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
Affected configurations
Node
measuresoftscadaproRange≤4.0.0
ORmeasuresoftscadaproMatch2.1
ORmeasuresoftscadaproMatch2.2
ORmeasuresoftscadaproMatch2.3
ORmeasuresoftscadaproMatch2.4
ORmeasuresoftscadaproMatch2.4.1
ORmeasuresoftscadaproMatch2.4.2
ORmeasuresoftscadaproMatch2.4.3
ORmeasuresoftscadaproMatch2.4.4
ORmeasuresoftscadaproMatch2.4.5
ORmeasuresoftscadaproMatch2.4.6
ORmeasuresoftscadaproMatch2.5
ORmeasuresoftscadaproMatch2.5.1
ORmeasuresoftscadaproMatch2.5.2
ORmeasuresoftscadaproMatch2.5.3
ORmeasuresoftscadaproMatch2.5.4
ORmeasuresoftscadaproMatch2.5.5
ORmeasuresoftscadaproMatch2.6.0
ORmeasuresoftscadaproMatch2.7.0
ORmeasuresoftscadaproMatch2.7.1
ORmeasuresoftscadaproMatch2.7.2
ORmeasuresoftscadaproMatch2.8.0
ORmeasuresoftscadaproMatch2.9.0
ORmeasuresoftscadaproMatch3.1.0
ORmeasuresoftscadaproMatch3.2.8
ORmeasuresoftscadaproMatch3.2.9
ORmeasuresoftscadaproMatch3.3.0
ORmeasuresoftscadaproMatch3.3.1
ORmeasuresoftscadaproMatch3.3.2
ORmeasuresoftscadaproMatch3.9.0
ORmeasuresoftscadaproMatch3.9.1
ORmeasuresoftscadaproMatch3.9.2
ORmeasuresoftscadaproMatch3.9.3
ORmeasuresoftscadaproMatch3.9.4
ORmeasuresoftscadaproMatch3.9.5
ORmeasuresoftscadaproMatch3.9.6
ORmeasuresoftscadaproMatch3.9.7
ORmeasuresoftscadaproMatch3.9.8
ORmeasuresoftscadaproMatch3.9.9
ORmeasuresoftscadaproMatch3.9.10
ORmeasuresoftscadaproMatch3.9.11
ORmeasuresoftscadaproMatch3.9.12
ORmeasuresoftscadaproMatch3.9.13
ORmeasuresoftscadaproMatch3.9.14
ORmeasuresoftscadaproMatch3.9.15
Related
saint
saint
Measuresoft ScadaPro xf Command Execution
2011-11-28 00:00:00
Measuresoft ScadaPro xf Command Execution
2011-11-28 00:00:00
Measuresoft ScadaPro xf Command Execution
2011-11-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Measuresoft ScadaPro xf Command Execution (CVE-2011-3490)
2012-03-19 00:00:00
prion
prion
Stack overflow
2011-09-16 14:28:00
nvd
nvd
CVE-2011-3490
2011-09-16 14:28:12
cvelist
cvelist
CVE-2011-3490
2011-09-16 14:00:00
ics
ics
Measuresoft ScadaPro Vulnerabilities
2018-09-06 12:00:00
openvas
openvas
Measuresoft ScadaPro Multiple Security Vulnerabilities
2012-12-19 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.053 Low
EPSS
Percentile
93.1%
Related for CVE-2011-3490