Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_CODESYS_GATEWAY_2_3_9_27.NBIN
HistoryMar 11, 2013 - 12:00 a.m.

CoDeSys Gateway Service < 2.3.9.27 Multiple Vulnerabilities

2013-03-1100:00:00
This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.673 Medium

EPSS

Percentile

98.0%

JSON

The remote host is running a version of CoDeSys Gateway Service prior to version 2.3.9.27. It is, therefore, affected by the following vulnerabilities:

  • Two unspecified memory range/bounds checking flaws exist that can be triggered by a specially crafted packet sent to the Gateway service on port 1211. (CVE-2012-4704, CVE-2012-4707)

  • An unspecified directory traversal vulnerability exists that can be used to access arbitrary files on the remote host. This flaw could be exploited by sending a specially crafted packet to the Gateway service on port 1211. (CVE-2012-4705)

  • An unspecified heap overflow (leading to a denial of service condition or possible arbitrary code execution) vulnerability exists that can be triggered by sending a specially crafted packet to the Gateway service on port 1211. (CVE-2012-4706)

  • An unspecified stack overflow (leading to a denial of service condition or possible arbitrary code execution) vulnerability exists that can be triggered by sending a specially crafted packet to the Gateway service on port 1211. (CVE-2012-4708)

Binary data scada_codesys_gateway_2_3_9_27.nbin
VendorProductVersionCPE
3s-softwarecodesys_gateway-servercpe:/a:3s-software:codesys_gateway-server

Related

ics 1
cve 5
cvelist 5
packetstorm 1
checkpoint_advisories 5
saint 8
prion 5
nvd 5
zdt 2
ics
ics
3S CODESYS Gateway-Server Vulnerabilities (Update A)
2018-09-06 12:00:00
cve
cve
CVE-2012-4706
2013-02-24 11:48:21
CVE-2012-4705
2013-02-24 11:48:21
CVE-2012-4707
2013-02-24 11:48:21
cvelist
cvelist
CVE-2012-4706
2013-02-24 11:00:00
CVE-2012-4708
2013-02-24 11:00:00
CVE-2012-4705
2013-02-24 11:00:00
packetstorm
packetstorm
SCADA 3S CoDeSys Gateway Server Directory Traversal
2013-03-08 00:00:00
checkpoint_advisories
checkpoint_advisories
3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal (CVE-2012-4705)
2013-06-30 00:00:00
3S Smart Software Solutions CoDeSys Gateway Server Stack Buffer Overflow (CVE-2012-4708)
2013-06-30 00:00:00
3S Smart Software Solutions CoDeSys Gateway Server Denial Of Service (CVE-2012-4707)
2013-06-30 00:00:00
saint
saint
3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal
2013-05-06 00:00:00
3S CoDeSys Gateway Server Crafted Packet Stack Overflow
2013-04-29 00:00:00
3S CoDeSys Gateway Server Crafted Packet Stack Overflow
2013-04-29 00:00:00
prion
prion
Directory traversal
2013-02-24 11:48:00
Stack overflow
2013-02-24 11:48:00
Out-of-bounds
2013-02-24 11:48:00
nvd
nvd
CVE-2012-4708
2013-02-24 11:48:21
CVE-2012-4707
2013-02-24 11:48:21
CVE-2012-4705
2013-02-24 11:48:21
zdt
zdt
CADA 3S CoDeSys Gateway Server - Directory Traversal Exploit
2017-03-23 00:00:00
SCADA 3S CoDeSys Gateway Server Directory Traversal Vulnerability
2013-03-09 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.673 Medium

EPSS

Percentile

98.0%

JSON
Related for SCADA_CODESYS_GATEWAY_2_3_9_27.NBIN
ics1cve5cvelist5packetstorm1checkpoint_advisories5saint8prion5nvd5zdt2