ID

VAR-201107-0260


CVE

CVE-2011-2960


TITLE

Sunwayland ForceControl httpsvr.exe Heap Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201107-468

DESCRIPTION

Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ForceControl 6.1 SP1, SP2, and SP3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted URL. Sunway ForceControl mainly provides general monitoring configuration software services. Sunway ForceControl is prone to multiple heap-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition. ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sunway ForceControl WebServer Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45033 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45033/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45033 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/45033/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45033/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45033 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sunway ForceControl, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is reported in version 6.1 SP1, SP2, and SP3. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Dillon Beresford, NSS Labs. ORIGINAL ADVISORY: http://www.sunwayland.com.cn/news_info_.asp?Nid=3593 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.06

sources: NVD: CVE-2011-2960 // JVNDB: JVNDB-2011-003489 // CNVD: CNVD-2011-6909 // BID: 48328 // IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // PACKETSTORM: 102460

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.2

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909

AFFECTED PRODUCTS

vendor:forcecontrolmodel: - scope:eqversion:6.1

Trust: 1.8

vendor:sunwaylandmodel:forcecontrolscope:eqversion:6.1

Trust: 1.6

vendor:sunway forcecontrolmodel:forcecontrolscope:eqversion:6.1 sp1

Trust: 0.8

vendor:sunway forcecontrolmodel:forcecontrolscope:eqversion:6.1 sp2

Trust: 0.8

vendor:sunway forcecontrolmodel:forcecontrolscope:eqversion:6.1 sp3

Trust: 0.8

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:sunwaymodel:pnetpowerscope:eqversion:6

Trust: 0.3

vendor:sunwaymodel:forcecontrol sp3scope:eqversion:6.1

Trust: 0.3

vendor:sunwaymodel:forcecontrol sp2scope:eqversion:6.1

Trust: 0.3

vendor:sunwaymodel:forcecontrol sp1scope:eqversion:6.1

Trust: 0.3

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909 // BID: 48328 // JVNDB: JVNDB-2011-003489 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-2960
value: HIGH

Trust: 1.0

NVD: CVE-2011-2960
value: HIGH

Trust: 0.8

CNVD: CNVD-2011-6909
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201107-468
value: CRITICAL

Trust: 0.6

IVD: 35300150-1f92-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1
value: CRITICAL

Trust: 0.2

IVD: c1fa5156-2354-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

nvd@nist.gov: CVE-2011-2960
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2011-6909
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 35300150-1f92-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: c1fa5156-2354-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909 // JVNDB: JVNDB-2011-003489 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-003489 // NVD: CVE-2011-2960

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468

TYPE

Buffer overflow

Trust: 1.8

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003489

PATCH

title:Top Pageurl:http://www.sunwayland.com.cn/

Trust: 0.8

title:Sunway ForceControl patch for multiple remote security vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/43297

Trust: 0.6

sources: CNVD: CNVD-2011-6909 // JVNDB: JVNDB-2011-003489

EXTERNAL IDS

db:NVDid:CVE-2011-2960

Trust: 3.3

db:ICS CERTid:ICSA-11-167-01

Trust: 2.4

db:SECUNIAid:45033

Trust: 1.7

db:CNVDid:CNVD-2011-05347

Trust: 1.6

db:SECTRACKid:1025672

Trust: 1.6

db:OSVDBid:73124

Trust: 1.6

db:BIDid:48328

Trust: 1.5

db:CNNVDid:CNNVD-201107-468

Trust: 1.2

db:CNVDid:CNVD-2011-6909

Trust: 1.0

db:JVNDBid:JVNDB-2011-003489

Trust: 0.8

db:CNNVDid:CNNVD-201106-204

Trust: 0.6

db:ICS CERT ALERTid:ICS-ALERT-11-230-01

Trust: 0.3

db:IVDid:35300150-1F92-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:7D7DC831-463F-11E9-8B5B-000C29342CB1

Trust: 0.2

db:IVDid:C1FA5156-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:PACKETSTORMid:102460

Trust: 0.1

sources: IVD: 35300150-1f92-11e6-abef-000c29c66e3d // IVD: 7d7dc831-463f-11e9-8b5b-000c29342cb1 // IVD: c1fa5156-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6909 // BID: 48328 // JVNDB: JVNDB-2011-003489 // PACKETSTORM: 102460 // CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

REFERENCES

url:http://www.sunwayland.com.cn/news_info_.asp?nid=3593

Trust: 2.9

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-167-01.pdf

Trust: 2.4

url:http://www.osvdb.org/73124

Trust: 1.6

url:http://www.cnvd.org.cn/vulnerability/cnvd-2011-05347

Trust: 1.6

url:http://securitytracker.com/id?1025672

Trust: 1.6

url:http://secunia.com/advisories/45033

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2960

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2960

Trust: 0.8

url:http://www.securityfocus.com/bid/48328

Trust: 0.6

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-11-230-01.pdf

Trust: 0.3

url:http://secunia.com/products/corporate/vim/fs_request_2011/

Trust: 0.1

url:http://secunia.com/advisories/45033/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=45033

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/45033/#comments

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2011-6909 // BID: 48328 // JVNDB: JVNDB-2011-003489 // PACKETSTORM: 102460 // CNNVD: CNNVD-201106-204 // CNNVD: CNNVD-201107-468 // NVD: CVE-2011-2960

CREDITS

Dillon Beresford of NSS Labs

Trust: 0.9

sources: BID: 48328 // CNNVD: CNNVD-201106-204

SOURCES

db:IVDid:35300150-1f92-11e6-abef-000c29c66e3d
db:IVDid:7d7dc831-463f-11e9-8b5b-000c29342cb1
db:IVDid:c1fa5156-2354-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-6909
db:BIDid:48328
db:JVNDBid:JVNDB-2011-003489
db:PACKETSTORMid:102460
db:CNNVDid:CNNVD-201106-204
db:CNNVDid:CNNVD-201107-468
db:NVDid:CVE-2011-2960

LAST UPDATE DATE

2024-08-14T14:14:40.979000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-6909date:2014-02-11T00:00:00
db:BIDid:48328date:2011-08-26T23:10:00
db:JVNDBid:JVNDB-2011-003489date:2011-12-22T00:00:00
db:CNNVDid:CNNVD-201106-204date:2011-06-21T00:00:00
db:CNNVDid:CNNVD-201107-468date:2011-08-02T00:00:00
db:NVDid:CVE-2011-2960date:2011-08-01T04:00:00

SOURCES RELEASE DATE

db:IVDid:35300150-1f92-11e6-abef-000c29c66e3ddate:2014-02-11T00:00:00
db:IVDid:7d7dc831-463f-11e9-8b5b-000c29342cb1date:2014-02-11T00:00:00
db:IVDid:c1fa5156-2354-11e6-abef-000c29c66e3ddate:2011-07-29T00:00:00
db:CNVDid:CNVD-2011-6909date:2011-06-17T00:00:00
db:BIDid:48328date:2011-06-17T00:00:00
db:JVNDBid:JVNDB-2011-003489date:2011-12-22T00:00:00
db:PACKETSTORMid:102460date:2011-06-21T01:16:50
db:CNNVDid:CNNVD-201106-204date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201107-468date:2011-07-29T00:00:00
db:NVDid:CVE-2011-2960date:2011-07-29T19:55:04.047