This script is Copyright (C) 2007-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_ICCP_LIVEDATA_DOS.NBINLiveData Server Multiple Remote Vulnerabilities
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.148 Low
EPSS
Percentile
95.8%
The remote host is running a version of the LiveData ICCP server that is older than version 5.00.62. Such versions are affected by the following vulnerabilities :
-
A heap overflow vulnerability can be triggered when processing malformed WSDL files via TCP leading to arbitrary code execution subject to the privileges of the remote service. (CVE-2007-2489)
-
A denial of service attack is possible using specially crafted Connection-Oriented Transport Protocol (COTP) packets. (CVE-2007-2490)
Binary data scada_iccp_livedata_dos.nbinRelated
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.148 Low
EPSS
Percentile
95.8%