Details of VAR-201107-0260

ID

VAR-201107-0260

CVE

CVE-2011-2960

TITLE

Sunwayland ForceControl httpsvr.exe Heap Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201107-468

DESCRIPTION

Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ForceControl 6.1 SP1, SP2, and SP3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted URL. Sunway ForceControl mainly provides general monitoring configuration software services. Sunway ForceControl is prone to multiple heap-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition. ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sunway ForceControl WebServer Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45033 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45033/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45033 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/45033/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45033/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45033 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sunway ForceControl, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is reported in version 6.1 SP1, SP2, and SP3. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Dillon Beresford, NSS Labs. ORIGINAL ADVISORY: http://www.sunwayland.com.cn/news_info_.asp?Nid=3593 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.06

sources: NVD: CVE-2011-2960 // JVNDB: JVNDB-2011-003489 // CNVD: CNVD-2011-6909 // BID: 48328 // IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // PACKETSTORM: 102460

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.2

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909

AFFECTED PRODUCTS

vendor:	forcecontrol	model:	-	scope:	eq	version:	6.1	Trust: 1.8
vendor:	sunwayland	model:	forcecontrol	scope:	eq	version:	6.1	Trust: 1.6
vendor:	sunway forcecontrol	model:	forcecontrol	scope:	eq	version:	6.1 sp1	Trust: 0.8
vendor:	sunway forcecontrol	model:	forcecontrol	scope:	eq	version:	6.1 sp2	Trust: 0.8
vendor:	sunway forcecontrol	model:	forcecontrol	scope:	eq	version:	6.1 sp3	Trust: 0.8
vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	sunway	model:	pnetpower	scope:	eq	version:	6	Trust: 0.3
vendor:	sunway	model:	forcecontrol sp3	scope:	eq	version:	6.1	Trust: 0.3
vendor:	sunway	model:	forcecontrol sp2	scope:	eq	version:	6.1	Trust: 0.3
vendor:	sunway	model:	forcecontrol sp1	scope:	eq	version:	6.1	Trust: 0.3

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909 // BID: 48328 // JVNDB: JVNDB-2011-003489 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-2960
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-2960
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2011-6909
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201107-468
value:	CRITICAL
Trust: 0.6
IVD:	35300150-1f92-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	7d7dc831-463f-11e9-8b5b-000c29342cb1
value:	CRITICAL
Trust: 0.2
IVD:	c1fa5156-2354-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2

nvd@nist.gov:	CVE-2011-2960
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2011-6909
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	35300150-1f92-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	7d7dc831-463f-11e9-8b5b-000c29342cb1
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	c1fa5156-2354-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909 // JVNDB: JVNDB-2011-003489 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-003489 // NVD: CVE-2011-2960

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468

TYPE

Buffer overflow

Trust: 1.8

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003489

PATCH

title:	Top Page	url:	http://www.sunwayland.com.cn/	Trust: 0.8
title:	Sunway ForceControl patch for multiple remote security vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/43297	Trust: 0.6

sources: CNVD: CNVD-2011-6909 // JVNDB: JVNDB-2011-003489

EXTERNAL IDS

db:	NVD	id:	CVE-2011-2960	Trust: 3.3
db:	ICS CERT	id:	ICSA-11-167-01	Trust: 2.4
db:	SECUNIA	id:	45033	Trust: 1.7
db:	CNVD	id:	CNVD-2011-05347	Trust: 1.6
db:	SECTRACK	id:	1025672	Trust: 1.6
db:	OSVDB	id:	73124	Trust: 1.6
db:	BID	id:	48328	Trust: 1.5
db:	CNNVD	id:	CNNVD-201107-468	Trust: 1.2
db:	CNVD	id:	CNVD-2011-6909	Trust: 1.0
db:	JVNDB	id:	JVNDB-2011-003489	Trust: 0.8
db:	CNNVD	id:	CNNVD-201106-204	Trust: 0.6
db:	ICS CERT ALERT	id:	ICS-ALERT-11-230-01	Trust: 0.3
db:	IVD	id:	35300150-1F92-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	7D7DC831-463F-11E9-8B5B-000C29342CB1	Trust: 0.2
db:	IVD	id:	C1FA5156-2354-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	PACKETSTORM	id:	102460	Trust: 0.1

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909 // BID: 48328 // JVNDB: JVNDB-2011-003489 // PACKETSTORM: 102460 // CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

REFERENCES

url:	http://www.sunwayland.com.cn/news_info_.asp?nid=3593	Trust: 2.9
url:	http://www.us-cert.gov/control_systems/pdf/icsa-11-167-01.pdf	Trust: 2.4
url:	http://www.osvdb.org/73124	Trust: 1.6
url:	http://www.cnvd.org.cn/vulnerability/cnvd-2011-05347	Trust: 1.6
url:	http://securitytracker.com/id?1025672	Trust: 1.6
url:	http://secunia.com/advisories/45033	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2960	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2960	Trust: 0.8
url:	http://www.securityfocus.com/bid/48328	Trust: 0.6
url:	http://www.us-cert.gov/control_systems/pdf/ics-alert-11-230-01.pdf	Trust: 0.3
url:	http://secunia.com/products/corporate/vim/fs_request_2011/	Trust: 0.1
url:	http://secunia.com/advisories/45033/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=45033	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/45033/#comments	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2011-6909 // BID: 48328 // JVNDB: JVNDB-2011-003489 // PACKETSTORM: 102460 // CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

CREDITS

Dillon Beresford of NSS Labs

Trust: 0.9

sources: BID: 48328 // CNNVD: CNNVD-201106-204

SOURCES

db:	IVD	id:	35300150-1f92-11e6-abef-000c29c66e3d
db:	IVD	id:	7d7dc831-463f-11e9-8b5b-000c29342cb1
db:	IVD	id:	c1fa5156-2354-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2011-6909
db:	BID	id:	48328
db:	JVNDB	id:	JVNDB-2011-003489
db:	PACKETSTORM	id:	102460
db:	CNNVD	id:	CNNVD-201106-204
db:	CNNVD	id:	CNNVD-201107-468
db:	NVD	id:	CVE-2011-2960

LAST UPDATE DATE

2024-08-14T14:14:40.979000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-6909	date:	2014-02-11T00:00:00
db:	BID	id:	48328	date:	2011-08-26T23:10:00
db:	JVNDB	id:	JVNDB-2011-003489	date:	2011-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201106-204	date:	2011-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201107-468	date:	2011-08-02T00:00:00
db:	NVD	id:	CVE-2011-2960	date:	2011-08-01T04:00:00

SOURCES RELEASE DATE

db:	IVD	id:	35300150-1f92-11e6-abef-000c29c66e3d	date:	2014-02-11T00:00:00
db:	IVD	id:	7d7dc831-463f-11e9-8b5b-000c29342cb1	date:	2014-02-11T00:00:00
db:	IVD	id:	c1fa5156-2354-11e6-abef-000c29c66e3d	date:	2011-07-29T00:00:00
db:	CNVD	id:	CNVD-2011-6909	date:	2011-06-17T00:00:00
db:	BID	id:	48328	date:	2011-06-17T00:00:00
db:	JVNDB	id:	JVNDB-2011-003489	date:	2011-12-22T00:00:00
db:	PACKETSTORM	id:	102460	date:	2011-06-21T01:16:50
db:	CNNVD	id:	CNNVD-201106-204	date:	1900-01-01T00:00:00
db:	CNNVD	id:	CNNVD-201107-468	date:	2011-07-29T00:00:00
db:	NVD	id:	CVE-2011-2960	date:	2011-07-29T19:55:04.047