Eng

Services

Security Assessment

Website Security Audit

Network Penetration Testing

Solutions

DataCenter GreenZone

Web Application Security

Vulnerability Assessment

Intrusion Protection System

News and Events

Search: Advanced search

server monitoring

Takebishi Electric DeviceXPlorer OPC Server Multiple Vulnerabilities

Article ID: 24872

Last updated: 27 Jan, 2009

Print

Email to friend

Views: 509

Posted: 22 Jan, 2009
by: Tech Pubs S.

Updated: 27 Jan, 2009
by: Tech Pubs S.

Takebishi Electric DeviceXPlorer OPC Server Multiple Vulnerabilities

This script is Copyright (C) 2007 Tenable Network Security, Inc.


Family	SCADA
Plugin ID	24872
Bugtraq ID	23037
CVE ID	CVE-2007-1319

Description:
Synopsis : The remote Windows host has an application that is susceptible to remote execution of arbitrary code. Description : The version of the Takebishi Electric DeviceXPlorer OPC server installed on the remote Windows host reportedly contains flaws in its data access methods that allow access to arbitrary portions of memory. A remote attacker with access to the OPC interface may be able to leverage these issues to discover sensitive information, crash the affected service, or execute arbitrary code on the affected host. See also : http://www.neutralbit.com/en/rd/advisories/NB07-07.txt http://www.neutralbit.com/en/rd/advisories/NB07-08.txt http://www.neutralbit.com/en/rd/advisories/NB07-09.txt http://www.neutralbit.com/en/rd/advisories/NB07-10.txt http://www.neutralbit.com/en/rd/advisories/NB07-17.txt http://www.kb.cert.org/vuls/id/926551 http://www.faweb.net/us/opc/1231207.html Solution : Upgrade to version 3.12 build3 (3.12.003) or later of the appropriate DeviceXPlorer OPC Server. Risk factor : High / CVSS Base Score : 7.0 (AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)

This article was: Helpful | Not Helpful

Prev		Next
ICCP/COTP TSAP Addressing		DNP3 Unsolicited Messaging

server monitoring