Sign-up

ID

VAR-201201-0028


CVE

CVE-2011-4531


TITLE

Siemens Automation License Manager Buffer Overflow and Denial of Service Vulnerabilities

Trust: 0.9

sources: BID: 50830 // CNNVD: CNNVD-201111-482

DESCRIPTION

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command. The Siemens Automation License Manager is the authorization manager program for Siemens software. Some long fields can be used to trigger exceptions: The exception unknown software exception (0xc0000417) occurred in the application at location 0x????????. This exception is due to some functions using wcscpy_s to copy the value provided by the client to Caused by the stack buffer. Remote attackers can exploit these issues to execute arbitrary code in the context of the application or cause denial-of-service conditions

Trust: 3.78

sources: NVD: CVE-2011-4531 // JVNDB: JVNDB-2012-001030 // CNVD: CNVD-2011-5099 // CNVD: CNVD-2011-5101 // CNVD: CNVD-2011-5097 // BID: 50830 // IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52476

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 2.0

sources: IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5099 // CNVD: CNVD-2011-5101 // CNVD: CNVD-2011-5097

AFFECTED PRODUCTS

vendor:siemensmodel:automation license managerscope:eqversion:500.0.1221

Trust: 1.8

vendor:siemensmodel:automation license managerscope:lteversion:5.1

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:4.0 to 5.1+sp1+upd1

Trust: 0.8

vendor:siemensmodel:automation license managerscope:eqversion:5.1

Trust: 0.6

vendor:siemensmodel:automation license managerscope:eqversion:501.1.102.1

Trust: 0.3

vendor:automation license managermodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5099 // CNVD: CNVD-2011-5101 // CNVD: CNVD-2011-5097 // BID: 50830 // JVNDB: JVNDB-2012-001030 // CNNVD: CNNVD-201201-081 // NVD: CVE-2011-4531

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4531
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4531
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201201-081
value: MEDIUM

Trust: 0.6

IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-52476
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4531
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-52476
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52476 // JVNDB: JVNDB-2012-001030 // CNNVD: CNNVD-201201-081 // NVD: CVE-2011-4531

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-52476 // JVNDB: JVNDB-2012-001030 // NVD: CVE-2011-4531

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201201-081 // CNNVD: CNNVD-201111-482

TYPE

Input validation

Trust: 0.8

sources: IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201201-081

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-001030

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-52476

PATCH
title:57252401url:http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content\
Trust: 0.8
title:114358url:http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=114358&caller=view
Trust: 0.8
title:ソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx
Trust: 0.8
title:Top Pageurl:http://www.siemens.com/entry/jp/ja/
Trust: 0.8
title:Siemens Automation License Manager denial of service vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/72712
Trust: 0.6
title:Patch for Siemens Automation License Manager Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/72722
Trust: 0.6
title:ALMv5_1_1_3url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42332
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2011-5101 // 
            
            
            
            CNVD: CNVD-2011-5097 // 
            
            
            
            JVNDB: JVNDB-2012-001030 // 
            
            
            
            CNNVD: CNNVD-201201-081

EXTERNAL IDS
db:NVDid:CVE-2011-4531
Trust: 3.0
db:ICS CERTid:ICSA-11-361-01
Trust: 2.8
db:BIDid:50830
Trust: 2.7
db:CNNVDid:CNNVD-201201-081
Trust: 0.9
db:JVNDBid:JVNDB-2012-001030
Trust: 0.8
db:CNVDid:CNVD-2011-5099
Trust: 0.6
db:CNVDid:CNVD-2011-5101
Trust: 0.6
db:CNVDid:CNVD-2011-5097
Trust: 0.6
db:CNNVDid:CNNVD-201111-482
Trust: 0.6
db:IVDid:3CC922D2-2354-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:EXPLOIT-DBid:18165
Trust: 0.1
db:VULHUBid:VHN-52476
Trust: 0.1
sources:
            
            
            IVD: 3cc922d2-2354-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2011-5099 // 
            
            
            
            CNVD: CNVD-2011-5101 // 
            
            
            
            CNVD: CNVD-2011-5097 // 
            
            
            
            VULHUB: VHN-52476 // 
            
            
            
            BID: 50830 // 
            
            
            
            JVNDB: JVNDB-2012-001030 // 
            
            
            
            CNNVD: CNNVD-201201-081 // 
            
            
            
            CNNVD: CNNVD-201111-482 // 
            
            
            
            NVD: CVE-2011-4531

REFERENCES
url:http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
Trust: 3.2
url:http://www.us-cert.gov/control_systems/pdf/icsa-11-361-01.pdf
Trust: 2.8
url:http://support.automation.siemens.com/ww/view/en/114358
Trust: 1.7
url:http://support.automation.siemens.com/ww/llisapi.dll/57252401?func=ll&objid=57252401&objaction=csview&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=ww&load=content
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4531
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4531
Trust: 0.8
url:http://www.securityfocus.com/bid/50830
Trust: 0.6
url:http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=ww&objid=17323948&tree
Trust: 0.3
url:/archive/1/520660
Trust: 0.3
url:http://support.automation.siemens.com/ww/llisapi.dll/57252401?func=ll&objid=57252401&objaction=csview&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=ww&load=content
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2011-5099 // 
            
            
            
            CNVD: CNVD-2011-5101 // 
            
            
            
            VULHUB: VHN-52476 // 
            
            
            
            BID: 50830 // 
            
            
            
            JVNDB: JVNDB-2012-001030 // 
            
            
            
            CNNVD: CNNVD-201201-081 // 
            
            
            
            CNNVD: CNNVD-201111-482 // 
            
            
            
            NVD: CVE-2011-4531

CREDITS
Luigi Auriemma
Trust: 0.9
sources:
            
            
            BID: 50830 // 
            
            
            
            CNNVD: CNNVD-201111-482

SOURCES
db:IVDid:3cc922d2-2354-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-5099
db:CNVDid:CNVD-2011-5101
db:CNVDid:CNVD-2011-5097
db:VULHUBid:VHN-52476
db:BIDid:50830
db:JVNDBid:JVNDB-2012-001030
db:CNNVDid:CNNVD-201201-081
db:CNNVDid:CNNVD-201111-482
db:NVDid:CVE-2011-4531

LAST UPDATE DATE
2024-08-14T14:34:35.822000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2011-5099date:2011-12-05T00:00:00
db:CNVDid:CNVD-2011-5101date:2016-03-15T00:00:00
db:CNVDid:CNVD-2011-5097date:2016-03-15T00:00:00
db:VULHUBid:VHN-52476date:2012-01-09T00:00:00
db:BIDid:50830date:2012-01-04T00:20:00
db:JVNDBid:JVNDB-2012-001030date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201201-081date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201111-482date:2011-11-30T00:00:00
db:NVDid:CVE-2011-4531date:2012-01-09T22:52:26.123

SOURCES RELEASE DATE
db:IVDid:3cc922d2-2354-11e6-abef-000c29c66e3ddate:2012-01-11T00:00:00
db:CNVDid:CNVD-2011-5099date:2011-12-05T00:00:00
db:CNVDid:CNVD-2011-5101date:2011-12-05T00:00:00
db:CNVDid:CNVD-2011-5097date:2011-12-05T00:00:00
db:VULHUBid:VHN-52476date:2012-01-08T00:00:00
db:BIDid:50830date:2011-11-28T00:00:00
db:JVNDBid:JVNDB-2012-001030date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201201-081date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201111-482date:1900-01-01T00:00:00
db:NVDid:CVE-2011-4531date:2012-01-08T20:55:01.280