20 matches found
EUVD-2014-1771
Malware in sbrugna...
The vulnerability of the automated system for managing technological processes of SIMATIC WinCC OA allows a malicious individual to execute arbitrary codes without going through authentication procedures.
The vulnerability of the SIMATIC Winn CC OAM software relates to errors that occur when processing specially crafted TCP packets. Exploiting this vulnerability allows a malicious individual to execute arbitrary code by sending specially crafted packets to port 4999...
CVE-2014-2731
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port 1 4999 or 2 80...
CVE-2014-2732
Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port 1 4999 or 2 80...
Code injection
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port 1 4999 or 2 80...
Design/Logic Flaw
Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service web-interface outage via crafted HTTP requests to port 1 4999 or 2 80...
Directory traversal
Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port 1 4999 or 2 80...
CVE-2014-2732
Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port 1 4999 or 2 80...
CVE-2014-2731
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port 1 4999 or 2 80...
CVE-2014-2732
Siemens SINEMA Server (all versions prior to 12 SP1) contains directory traversal and related input-validation weaknesses in its integrated web server accessible via ports 4999 and 80. The issues allow remote attackers to access arbitrary files on the server, due to traversal and code-execution r...
SIEMENS SIMATIC WinCC Open Architecture拒绝服务漏洞
BUGTRAQ ID: 65347 CVECAN ID: CVE-2014-1699 Siemens SIMATIC WinCC 是监测控制和数据采集SCADA及人机界面HMI系统。 SIEMENS SIMATIC WinCC OA 3.12 P002之前版本存在安全漏洞,远程攻击者通过向端口4999发送畸形的HTTP请求,利用此漏洞即可造成拒绝服务(监控服务中断)。 0 Siemens SIMATIC WinCC Open Architecture 3.12 P002 January 厂商补丁: Siemens -------...
CVE-2014-1697
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999...
CVE-2014-1698
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999...
Code injection
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999...
Directory traversal
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999...
Code injection
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service monitoring-service outage via malformed HTTP requests to port 4999...
CVE-2014-1698
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999...
CVE-2014-1699
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service monitoring-service outage via malformed HTTP requests to port 4999...
CVE-2014-1697
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999...
CVE-2014-1697
The CVE-2014-1697 entry concerns Siemens SIMATIC WinCC OA prior to version 3.12 P002. The vulnerability lies in the integrated Web server on port 4999, where specially crafted, unauthenticated packets can remotely trigger arbitrary code execution due to improper handling of inputs (code injection...