Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1565

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-1565
Last Modified 21 Sep 2011 11:30:30
Published 05 Apr 2011 11:19:35
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1565

Summary

Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401.

Vulnerable Systems

Application

  • 7t Igss


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf

VUPEN - ADV-2011-0741

BID - 46936

EXPLOIT-DB - 17024

SREASON - 8178

SECUNIA - 43849

MISC - http://aluigi.org/adv/igss_1-adv.txt


Last Updated: 27 May 2016 10:56:22