Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:2C9CE0911D9EA1EA6E4CBCC76E4ABB8D
HistoryMar 10, 2009 - 12:00 a.m.

Citect SCADA ODBC Service Overflow

2009-03-1000:00:00
SAINT Corporation
download.saintcorporation.com
25

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.822 High

EPSS

Percentile

98.4%

JSON

Added: 03/10/2009
CVE: CVE-2008-2639
BID: 29634
OSVDB: 46105

Background

The CitectSCADA and CitectFacilities applications include ODBC server capabilities to provide remote SQL access to a relational database. The ODBC Server component listens on port 20222/tcp by default.

Problem

A buffer overflow vulnerability caused by the handling of incorrect packets allows remote attackers to execute arbitrary commands.

Resolution

Follow the recommendations under “Industries and Solutions” for security, that provides some information for customers;
http://www.citect.com/index.php?option=com_content&task=view&id=186&Itemid=322

References

<http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0146.html&gt;
<http://www.citect.com/documents/news_and_media/CitectSCADA-security-response.pdf&gt;

Limitations

Exploit works against;
ClientScada V6.10, ClientScada V7.0r1 and ClientFacilities V7.0

Target application does not install on Windows 2003 SP1.

Platforms

Windows Server 2003 SP2 / Windows Server 2003
Windows Server 2003 SP1
Windows Server 2003 SP0,SP1,SP2 DEP-Disabled
Windows 2000 / Windows XP
Version 6 - Windows 2003 SP2 DEP-Enabled
Version 6 - Windows 2003 SP1 DEP-Enabled
Version 6 - Windows 2003 SP0,SP1,SP2 DEP-Disabled
Version 6 - Windows 2000, Windows XP

Related

checkpoint_advisories 1
seebug 1
securityvulns 2
saint 3
packetstorm 1
kaspersky 1
coresecurity 1
canvas 1
prion 1
exploitpack 1
cert 1
cve 1
exploitdb 1
ics 1
checkpoint_advisories
checkpoint_advisories
Citect SCADA ODBC Overflow Attempt (CVE-2008-2639)
2012-12-02 00:00:00
seebug
seebug
CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta)
2008-09-10 00:00:00
securityvulns
securityvulns
[Full-disclosure] CORE-2008-0125: CitectSCADA ODBC service vulnerability
2008-06-11 00:00:00
Citect CitectSCADA memory corruption
2008-06-11 00:00:00
saint
saint
Citect SCADA ODBC Service Overflow
2009-03-10 00:00:00
Citect SCADA ODBC Service Overflow
2009-03-10 00:00:00
Citect SCADA ODBC Service Overflow
2009-03-10 00:00:00
packetstorm
packetstorm
citect_scada_odbc.rb.txt
2008-09-06 00:00:00
kaspersky
kaspersky
KLA10109 ACE vulnerability in CitectSCADA
2008-06-16 00:00:00
coresecurity
coresecurity
CitectSCADA ODBC service vulnerability
2008-06-11 00:00:00
canvas
canvas
Immunity Canvas: CITECT_SCADA
2008-06-16 18:41:00
prion
prion
Stack overflow
2008-06-16 18:41:00
exploitpack
exploitpack
CitectSCADA ODBC Server - Remote Stack Buffer Overflow (Metasploit)
2008-09-05 00:00:00
cert
cert
Citect CitectSCADA ODBC service buffer overflow
2008-06-11 00:00:00
cve
cve
CVE-2008-2639
2008-06-16 18:41:00
exploitdb
exploitdb
CitectSCADA ODBC Server - Remote Stack Buffer Overflow (Metasploit)
2008-09-05 00:00:00
ics
ics
GLEG Agora SCADA+ Exploit Pack
2018-09-06 12:00:00

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.822 High

EPSS

Percentile

98.4%

JSON
Related for SAINT:2C9CE0911D9EA1EA6E4CBCC76E4ABB8D
checkpoint_advisories1seebug1securityvulns2saint3packetstorm1kaspersky1coresecurity1canvas1prion1exploitpack1cert1cve1exploitdb1ics1