ID

VAR-201204-0131


CVE

CVE-2012-1807


TITLE

Of multiple Koyo Electronics Industries products Web Server cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2012-002075

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Koyo ECOM100 Ethernet is an Ethernet module. This module is used for communication between the PLC and the control system. There are several security vulnerabilities in Koyo ECOM100 Ethernet, including: (1) Using an 8-byte password weak authentication mechanism. (2) There is a replay attack. (3) The WEB server does not have any verification mechanism. (4) There is a buffer overflow in the WEB server. (6) The WEB server has a denial of service attack, which can consume a lot of resources. A buffer-overflow vulnerability. 2. A denial-of-service vulnerability. 3. Multiple security-bypass vulnerabilities. 4. A cross site-scripting vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, cause denial-of-service conditions, bypass some security restrictions, allow an attacker to steal cookie-based information, or execute script code in the context of the browser of an unsuspecting user; other attacks may also be possible. ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Koyo ECOM100 Ethernet Module Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Koyo ECOM100 Ethernet Module, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. SOLUTION: Filter malicious characters and character sequences in a proxy. Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman via Digital Bond\x92s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-05.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.7

sources: NVD: CVE-2012-1807 // JVNDB: JVNDB-2012-002075 // CNVD: CNVD-2012-0371 // BID: 51634 // IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // PACKETSTORM: 108987

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0371

AFFECTED PRODUCTS

vendor:koyomodel:h4-ecom100scope:eqversion:*

Trust: 1.0

vendor:koyomodel:h2-ecom-fscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h4-ecom-fscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h0-ecom100scope:eqversion:*

Trust: 1.0

vendor:koyomodel:h4-ecomscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h2-ecom100scope:eqversion:*

Trust: 1.0

vendor:koyomodel:h0-ecomscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h2-ecomscope:eqversion:*

Trust: 1.0

vendor:koyomodel:ecom100 ethernet modulescope:eqversion:0

Trust: 0.9

vendor:koyo industrymodel:h0-ecomscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h0-ecom100scope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h2-ecomscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h2-ecom-fscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h2-ecom100scope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h4-ecomscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h4-ecom-fscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h4-ecom100scope: - version: -

Trust: 0.8

vendor:koyomodel:h4-ecomscope: - version: -

Trust: 0.6

vendor:koyomodel:h2-ecom100scope: - version: -

Trust: 0.6

vendor:koyomodel:h4-ecom-fscope: - version: -

Trust: 0.6

vendor:koyomodel:h4-ecom100scope: - version: -

Trust: 0.6

vendor:koyomodel:h0-ecomscope: - version: -

Trust: 0.6

vendor:koyomodel:h2-ecom-fscope: - version: -

Trust: 0.6

vendor:koyomodel:h2-ecomscope: - version: -

Trust: 0.6

vendor:koyomodel:h0-ecom100scope: - version: -

Trust: 0.6

vendor:koyomodel:h4-ecom100scope:eqversion:0

Trust: 0.3

vendor:koyomodel:h4-ecom-fscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h4-ecomscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h2-ecom100scope:eqversion:0

Trust: 0.3

vendor:koyomodel:h2-ecom-fscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h2-ecomscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h0-ecom100scope:eqversion:0

Trust: 0.3

vendor:koyomodel:h0-ecomscope:eqversion:0

Trust: 0.3

vendor:h0 ecommodel: - scope:eqversion:*

Trust: 0.2

vendor:h0 ecom100model: - scope:eqversion:*

Trust: 0.2

vendor:h2 ecommodel: - scope:eqversion:*

Trust: 0.2

vendor:h2 ecom fmodel: - scope:eqversion:*

Trust: 0.2

vendor:h2 ecom100model: - scope:eqversion:*

Trust: 0.2

vendor:h4 ecommodel: - scope:eqversion:*

Trust: 0.2

vendor:h4 ecom fmodel: - scope:eqversion:*

Trust: 0.2

vendor:h4 ecom100model: - scope:eqversion:*

Trust: 0.2

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0371 // BID: 51634 // JVNDB: JVNDB-2012-002075 // CNNVD: CNNVD-201202-026 // NVD: CVE-2012-1807

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1807
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-1807
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201202-026
value: MEDIUM

Trust: 0.6

IVD: f2b150f2-2353-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2012-1807
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: f2b150f2-2353-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2012-002075 // CNNVD: CNNVD-201202-026 // NVD: CVE-2012-1807

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2012-002075 // NVD: CVE-2012-1807

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-026

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 108987 // CNNVD: CNNVD-201202-026

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-002075

PATCH

title:Top Pageurl:http://www.koyoele.co.jp/

Trust: 0.8

sources: JVNDB: JVNDB-2012-002075

EXTERNAL IDS

db:NVDid:CVE-2012-1807

Trust: 2.9

db:ICS CERTid:ICSA-12-102-02

Trust: 2.7

db:BIDid:51634

Trust: 1.5

db:ICS CERT ALERTid:ICS-ALERT-12-020-05

Trust: 1.0

db:CNNVDid:CNNVD-201202-026

Trust: 0.8

db:JVNDBid:JVNDB-2012-002075

Trust: 0.8

db:CNVDid:CNVD-2012-0371

Trust: 0.6

db:ICS CERT ALERTid:ICS-ALERT-12-020-05A

Trust: 0.3

db:IVDid:F2B150F2-2353-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:SECUNIAid:47735

Trust: 0.2

db:PACKETSTORMid:108987

Trust: 0.1

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0371 // BID: 51634 // JVNDB: JVNDB-2012-002075 // PACKETSTORM: 108987 // CNNVD: CNNVD-201202-026 // NVD: CVE-2012-1807

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-102-02.pdf

Trust: 2.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1807

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1807

Trust: 0.8

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-05.pdfhttp

Trust: 0.6

url:http://www.securityfocus.com/bid/51634

Trust: 0.6

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-05.pdf

Trust: 0.4

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-05a.pdf

Trust: 0.3

url:http://www.koyoele.co.jp/english/index.html

Trust: 0.3

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=47735

Trust: 0.1

url:http://secunia.com/advisories/47735/#comments

Trust: 0.1

url:http://secunia.com/company/jobs/

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/47735/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2012-0371 // BID: 51634 // JVNDB: JVNDB-2012-002075 // PACKETSTORM: 108987 // CNNVD: CNNVD-201202-026 // NVD: CVE-2012-1807

CREDITS

Reid Wightman

Trust: 0.9

sources: BID: 51634 // CNNVD: CNNVD-201202-026

SOURCES

db:IVDid:f2b150f2-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-0371
db:BIDid:51634
db:JVNDBid:JVNDB-2012-002075
db:PACKETSTORMid:108987
db:CNNVDid:CNNVD-201202-026
db:NVDid:CVE-2012-1807

LAST UPDATE DATE

2024-08-14T13:36:37.223000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-0371date:2012-02-03T00:00:00
db:BIDid:51634date:2012-04-11T22:40:00
db:JVNDBid:JVNDB-2012-002075date:2012-04-17T00:00:00
db:CNNVDid:CNNVD-201202-026date:2012-04-17T00:00:00
db:NVDid:CVE-2012-1807date:2012-04-16T13:53:40.070

SOURCES RELEASE DATE

db:IVDid:f2b150f2-2353-11e6-abef-000c29c66e3ddate:1900-01-01T00:00:00
db:CNVDid:CNVD-2012-0371date:2012-02-03T00:00:00
db:BIDid:51634date:2012-01-23T00:00:00
db:JVNDBid:JVNDB-2012-002075date:2012-04-17T00:00:00
db:PACKETSTORMid:108987date:2012-01-23T08:11:35
db:CNNVDid:CNNVD-201202-026date:1900-01-01T00:00:00
db:NVDid:CVE-2012-1807date:2012-04-13T17:55:01.213