ID

VAR-201204-0010


CVE

CVE-2011-4535


TITLE

ScadaTEC ModbusTagServer and ScadaPhone Remote Buffer Overflow Vulnerability

Trust: 1.5

sources: CNVD: CNVD-2011-3615 // BID: 49560 // CNNVD: CNNVD-201109-148

DESCRIPTION

Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file. A failed attack can result in a denial of service. To trigger this vulnerability, you need to trick the target user into loading an object from the zip file. ScadaTEC ModbusTagServer and ScadaPhone are prone to a remote buffer-overflow vulnerability. The following versions are vulnerable: ScadaTEC ScadaPhone 5.3.11.1230 and prior. ScadaTEC ModbusTagServer 4.1.1.81 and prior

Trust: 2.61

sources: NVD: CVE-2011-4535 // JVNDB: JVNDB-2011-005031 // CNVD: CNVD-2011-3615 // BID: 49560 // IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3615

AFFECTED PRODUCTS

vendor:scadatecmodel:modbustagserverscope:lteversion:4.1.1.81

Trust: 1.8

vendor:scadatecmodel:scadaphonescope:lteversion:5.3.11.1230

Trust: 1.8

vendor:scadatecmodel:modbustagserverscope:eqversion:4.1.1.81

Trust: 1.5

vendor:scadatecmodel:scadaphonescope:eqversion:5.3.11.1230

Trust: 1.5

vendor:craig petersonmodel:turbopower abbreviascope:lteversion:3.05

Trust: 1.0

vendor:turbopower abbreviamodel:turbopower abbreviascope:ltversion:4.0

Trust: 0.8

vendor:turbopower abbreviamodel: - scope:eqversion:*

Trust: 0.2

vendor:modbustagservermodel: - scope:eqversion:*

Trust: 0.2

vendor:scadaphonemodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3615 // BID: 49560 // JVNDB: JVNDB-2011-005031 // CNNVD: CNNVD-201204-008 // NVD: CVE-2011-4535

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4535
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4535
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201204-008
value: MEDIUM

Trust: 0.6

IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2011-4535
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2011-005031 // CNNVD: CNNVD-201204-008 // NVD: CVE-2011-4535

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-005031 // NVD: CVE-2011-4535

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201109-148 // CNNVD: CNNVD-201204-008

TYPE

Buffer overflow

Trust: 1.4

sources: IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201109-148 // CNNVD: CNNVD-201204-008

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005031

PATCH

title:Top Pageurl:http://www.scadatec.com/

Trust: 0.8

title:Top Pageurl:http://tpabbrevia.sourceforge.net/

Trust: 0.8

sources: JVNDB: JVNDB-2011-005031

EXTERNAL IDS

db:NVDid:CVE-2011-4535

Trust: 2.9

db:ICS CERTid:ICSA-11-362-01

Trust: 2.7

db:BIDid:49560

Trust: 1.5

db:CNVDid:CNVD-2011-3615

Trust: 0.8

db:CNNVDid:CNNVD-201204-008

Trust: 0.8

db:JVNDBid:JVNDB-2011-005031

Trust: 0.8

db:PACKETSTORMid:104993

Trust: 0.6

db:CNNVDid:CNNVD-201109-148

Trust: 0.6

db:ICS CERT ALERTid:ICS-ALERT-11-255-01

Trust: 0.3

db:IVDid:98702D5C-1F89-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: 98702d5c-1f89-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3615 // BID: 49560 // JVNDB: JVNDB-2011-005031 // CNNVD: CNNVD-201109-148 // CNNVD: CNNVD-201204-008 // NVD: CVE-2011-4535

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-362-01.pdf

Trust: 2.7

url:http://sourceforge.net/projects/tpabbrevia/files/abbrevia%204.0.zip/download

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4535

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4535

Trust: 0.8

url:http://packetstormsecurity.org/files/view/104993/scadatec-overflow.txt

Trust: 0.6

url:http://www.securityfocus.com/bid/49560

Trust: 0.6

url:http://www.scadatec.com/

Trust: 0.3

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-11-255-01.pdf

Trust: 0.3

sources: CNVD: CNVD-2011-3615 // BID: 49560 // JVNDB: JVNDB-2011-005031 // CNNVD: CNNVD-201109-148 // CNNVD: CNNVD-201204-008 // NVD: CVE-2011-4535

CREDITS

mr_me

Trust: 0.9

sources: BID: 49560 // CNNVD: CNNVD-201109-148

SOURCES

db:IVDid:98702d5c-1f89-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-3615
db:BIDid:49560
db:JVNDBid:JVNDB-2011-005031
db:CNNVDid:CNNVD-201109-148
db:CNNVDid:CNNVD-201204-008
db:NVDid:CVE-2011-4535

LAST UPDATE DATE

2024-08-14T14:34:34.195000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-3615date:2011-09-13T00:00:00
db:BIDid:49560date:2012-01-03T19:10:00
db:JVNDBid:JVNDB-2011-005031date:2012-04-04T00:00:00
db:CNNVDid:CNNVD-201109-148date:2011-09-14T00:00:00
db:CNNVDid:CNNVD-201204-008date:2012-04-05T00:00:00
db:NVDid:CVE-2011-4535date:2012-04-03T04:00:00

SOURCES RELEASE DATE

db:IVDid:98702d5c-1f89-11e6-abef-000c29c66e3ddate:2011-09-13T00:00:00
db:CNVDid:CNVD-2011-3615date:2011-09-13T00:00:00
db:BIDid:49560date:2011-09-09T00:00:00
db:JVNDBid:JVNDB-2011-005031date:2012-04-04T00:00:00
db:CNNVDid:CNNVD-201109-148date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201204-008date:2012-04-05T00:00:00
db:NVDid:CVE-2011-4535date:2012-04-03T03:44:36.117