Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3495

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-3495
Last Modified 13 Feb 2012 11:08:47
Published 16 Sep 2011 01:26:14
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3495

Summary

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.

Vulnerable Systems

Application

  • Measuresoft Scadapro 2.1

  • Measuresoft Scadapro 2.2

  • Measuresoft Scadapro 2.3

  • Measuresoft Scadapro 2.4

  • Measuresoft Scadapro 2.4.1

  • Measuresoft Scadapro 2.4.2

  • Measuresoft Scadapro 2.4.3

  • Measuresoft Scadapro 2.4.4

  • Measuresoft Scadapro 2.4.5

  • Measuresoft Scadapro 2.4.6

  • Measuresoft Scadapro 2.5

  • Measuresoft Scadapro 2.5.1

  • Measuresoft Scadapro 2.5.2

  • Measuresoft Scadapro 2.5.3

  • Measuresoft Scadapro 2.5.4

  • Measuresoft Scadapro 2.5.5

  • Measuresoft Scadapro 2.6.0

  • Measuresoft Scadapro 2.7.0

  • Measuresoft Scadapro 2.7.1

  • Measuresoft Scadapro 2.7.2

  • Measuresoft Scadapro 2.8.0

  • Measuresoft Scadapro 2.9.0

  • Measuresoft Scadapro 3.1.0

  • Measuresoft Scadapro 3.2.8

  • Measuresoft Scadapro 3.2.9

  • Measuresoft Scadapro 3.3.0

  • Measuresoft Scadapro 3.3.1

  • Measuresoft Scadapro 3.3.2

  • Measuresoft Scadapro 3.9.0

  • Measuresoft Scadapro 3.9.1

  • Measuresoft Scadapro 3.9.10

  • Measuresoft Scadapro 3.9.11

  • Measuresoft Scadapro 3.9.12

  • Measuresoft Scadapro 3.9.13

  • Measuresoft Scadapro 3.9.14

  • Measuresoft Scadapro 3.9.15

  • Measuresoft Scadapro 3.9.2

  • Measuresoft Scadapro 3.9.3

  • Measuresoft Scadapro 3.9.4

  • Measuresoft Scadapro 3.9.5

  • Measuresoft Scadapro 3.9.6

  • Measuresoft Scadapro 3.9.7

  • Measuresoft Scadapro 3.9.8

  • Measuresoft Scadapro 3.9.9

  • Measuresoft Scadapro 4.0.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf

MISC - http://aluigi.altervista.org/adv/scadapro_1-adv.txt

SREASON - 8382


Last Updated: 27 May 2016 10:57:25