CVE-2013-0662

The CVE-2013-0662 vulnerability affects Schneider Electric’s Modbus Serial Driver (ModbusDrv.exe) used by multiple Schneider Electric products. A stack-based buffer overflow is triggered when a large value is specified in the Modbus Application Header, enabling remote code execution with the user...

COPA-DATA Improper Input Validation

OVERVIEW Automation software company Ing. Punzenberger COPA-DATA GmbH reported an improper input validation vulnerability affecting the DNP3 driver in the zenon SCADA software. The vulnerability was found based on the DNP3 research conducted by Adam Crain of Automatak and Chris Sistrunk of...

[USBLogView] Records the details of any USB device that is plugged or unplugged into your system

USBLogView is a small utility that runs in the background and records the details of any USB device that is plugged or unplugged into your system. For every log line created by USBLogView, the following information is displayed: Event Type Plug/Unplug, Event Time, Device Name, Description, Device...

CVE-2013-4535

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

UBUNTU-CVE-2013-4535

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

Cisco Unified Computing System Serial over LAN Static Private Key Vulnerability (CSCte90338)

A vulnerability in the Cisco Unified Computing System Serial over LAN SoL implementation could allow an unauthenticated, remote attacker to perform a man-in-the-middle MITM attack. The vulnerability occurs because the Board Management Controller BMC uses a hard-coded private key. An attacker coul...

CCID: Arbitrary code execution

Background CCID is a generic USB Chip/Smart Card Interface Devices driver. Description CCID contains an integer overflow vulnerability in ccidserial.c. Impact A physically proximate attacker could execute arbitrary code via a smart card with a specially crafted serial number. Workaround There is ...

NETGEAR WNR1000v3 Password Recovery Vulnerability

Description: Newer firmware versions of the NETGEAR N150 WNR1000v3 wireless router are affected by a password recovery vulnerability. Exploiting this vulnerability allows an attacker to recover the router's plaintext Administrator credentials and subsequently gain full access to the device. This...

Ubuntu Update for linux USN-2075-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN20751.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux USN-2075-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

Ubuntu 13.10 : linux vulnerabilities (USN-2075-1)

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows...

CVE-2013-2822

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service driver crash and process restart via crafted input...

Design/Logic Flaw

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service driver crash and process restart via crafted input...

CVE-2013-2816

The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows physically proximate attackers to cause a denial of service reboot or link outage via crafted input over a serial line...

Design/Logic Flaw

The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows physically proximate attackers to cause a denial of service reboot or link outage via crafted input over a serial line...

Cisco IOS XR Version

The remote host is running IOS XR, an operating system for high-end carrier-grade Cisco routers. It is possible to read the IOS XR version number by connecting to the router using SSH or SNMP. C Tenable, Inc. include"compat.inc"; if description scriptid71430; scriptversion"1.20";...

Tape library and drives are shown as separate devices

Challenge Tape library and drives are shown as separate devices in console or loading tape into TapeDrive0 moves the tape into TapeDrive1 etc. Shown here, the Tape Library has no Tape Drive listed Shown here, the Tape Drive is separate from the Tape Library. Cause The tape library is not reportin...

CVE-2013-2818

The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service infinite loop and DNP3 service disruption via crafted input over a serial line...

Design/Logic Flaw

The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service infinite loop and DNP3 service disruption via crafted input over a serial line...

CVE-2013-2818

CVE-2013-2818 affects Alstom e-terra control software, specifically the DNP Master Driver in versions 3.5, 3.6 and 3.7. The root cause is improper input validation in the DNP3 Master component, which can cause the software to enter an infinite loop and disrupt DNP3 services. The IP-connected vari...

CVE-2013-2823

The 1 Catapult DNP3 I/O driver before 7.2.0.60 and the 2 GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe aka the DNP master station server in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a deni...