This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_COGENT_DATAHUB_7_3_0.NBINCogent DataHub < 7.3.0 Multiple Vulnerabilities
0.011 Low
EPSS
Percentile
84.1%
The remote host is running a version of Cogent DataHub that is prior to 7.3.0. It is, therefore, affected by the following vulnerabilities :
-
An overflow condition exists in the HTTP server due to improper validation of user-supplied input when handling a specially crafted HTTP request with an overly long ‘header’ parameter. An unauthenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2013-0680)
-
A denial of service vulnerability exists that is triggered during the handling of specially crafted formatted text messages sent via TCP traffic. An unauthenticated, remote attacker can exploit this to cause a NULL pointer dereference, resulting in a crash of the service. (CVE-2013-0681)
-
A remote code execution vulnerability exists due to an out-of-bounds read error that is triggered during the handling of specially crafted formatted text commands.
An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2013-0682) -
A denial of service vulnerability exists that is triggered during the handling of malformed data in a formatted text command. An unauthenticated, remote attacker can exploit this to crash the client.
(CVE-2013-0683)
Binary data scada_cogent_datahub_7_3_0.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| cogentdatahub | cogent_datahub | cpe:/a:cogentdatahub:cogent_datahub |
Related
