The remote host is running a version of Cogent DataHub that is prior to 7.3.0. It is, therefore, affected by the following vulnerabilities :
An overflow condition exists in the HTTP server due to improper validation of user-supplied input when handling a specially crafted HTTP request with an overly long ‘header’ parameter. An unauthenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2013-0680)
A denial of service vulnerability exists that is triggered during the handling of specially crafted formatted text messages sent via TCP traffic. An unauthenticated, remote attacker can exploit this to cause a NULL pointer dereference, resulting in a crash of the service. (CVE-2013-0681)
A remote code execution vulnerability exists due to an out-of-bounds read error that is triggered during the handling of specially crafted formatted text commands.
An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2013-0682)
A denial of service vulnerability exists that is triggered during the handling of malformed data in a formatted text command. An unauthenticated, remote attacker can exploit this to crash the client.
(CVE-2013-0683)
Binary data scada_cogent_datahub_7_3_0.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
cogentdatahub | cogent_datahub | cpe:/a:cogentdatahub:cogent_datahub |