Details of VAR-201809-0093

ID

VAR-201809-0093

CVE

CVE-2018-12086

TITLE

OPC UA Application buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2018-013611 // CNNVD: CNNVD-201809-732

DESCRIPTION

Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. OPC UA The application contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. OPC UA applications is a platform-independent service-oriented unified architecture application from the OPC (OLE for Process Control) Foundation. SAP Plant Connectivity is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4359-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wireshark CVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 2.6.5-1~deb9u1. We recommend that you upgrade your wireshark packages. For the detailed security status of wireshark please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wireshark Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwk6BkACgkQEMKTtsN8 TjZeQg//epVGPGld0oOwn+9I3rD4C0GZMKOCtHW7xR5x+YKMntG7VzLAcSv33EEi hDj2V0ZFr8NIWab0qtTun4BQMMZ7J80hy//hFr9OcAu1apdG38KW0drMG2/sBBL8 HH6ndYLgrtxqbtmqNBxPrabq+Fj01jlCwTmrd9ig0/ZQOSlRbfM+Snfjxpmwlsgl x8ZoWi9TPD+ILZe2V6m4w81aR6FF3e540W6ADAJ233gpJbQ5mHvOlX1tJzPDTQOe 8KqGZ4FhYan7wO6u41gRHCtqMEymh1LRc+zTzeow9jNs7u83GRMT4bqerCkVKI3W JPr1+EbYNyZApWYzeigomGQSXiTMKvURm1NxevhhZW81y0xJgHS7q7gsvu1zitQl hUqA9r/F74Ts6uru+ubknk1OeA0UrY/ZXVMZUgsYAZ4vFvcvPzK2gqZoBMI0tAy5 PxAnScxMalJA8faUsjl/0O5URG/Sv0MKzLo9hexog7dE/vH0j5iuZqbhT7UDmvdL B2l7XwVlZCKI5pLgNhCqBSxf3mL7sr/wzpPF2YYuFGTGQ+doTy6C9GL1Z/J/087w Hbd7i5Pnu+GM+SXswSIsDNsq4fMYHrBJvJz+w2YWImdKuR9+fKSPAtdto/id5t9m s61uMXB9ul+5H0pw19otWQUvJog5qcCrTFLEe5F+CMUJDjWDqrY=xlYz -----END PGP SIGNATURE-----

Trust: 2.79

sources: NVD: CVE-2018-12086 // JVNDB: JVNDB-2018-013611 // CNVD: CNVD-2018-19099 // BID: 105538 // IVD: e2fad12e-39ab-11e9-a54a-000c29342cb1 // VULMON: CVE-2018-12086 // PACKETSTORM: 150933

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2fad12e-39ab-11e9-a54a-000c29342cb1 // CNVD: CNVD-2018-19099

AFFECTED PRODUCTS

vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.6
vendor:	opcfoundation	model:	unified architecture-java	scope:	lte	version:	1.03.343	Trust: 1.0
vendor:	opcfoundation	model:	unified architecture-.net-legacy	scope:	lte	version:	1.03.342	Trust: 1.0
vendor:	opcfoundation	model:	unified architecture .net-standard	scope:	lte	version:	1.03.352.12	Trust: 1.0
vendor:	opcfoundation	model:	unified architecture ansic	scope:	lte	version:	1.03.340	Trust: 1.0
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	opc	model:	ua-.net-legacy	scope:	-	version:	-	Trust: 0.8
vendor:	opc	model:	ua-.netstandard	scope:	-	version:	-	Trust: 0.8
vendor:	opc	model:	ua-ansic	scope:	-	version:	-	Trust: 0.8
vendor:	opc	model:	ua-java	scope:	-	version:	-	Trust: 0.8
vendor:	opc	model:	ua application	scope:	-	version:	-	Trust: 0.6
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.6.3	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.6.2	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.6	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.9	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.8	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.7	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.6	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.5	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.4	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.3	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.1	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.2.6	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	eq	version:	2.4.2	Trust: 0.3
vendor:	sap	model:	plant connectivity	scope:	eq	version:	15.2	Trust: 0.3
vendor:	sap	model:	plant connectivity	scope:	eq	version:	15.1	Trust: 0.3
vendor:	sap	model:	plant connectivity	scope:	eq	version:	15.0	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	ne	version:	2.6.4	Trust: 0.3
vendor:	wireshark	model:	wireshark	scope:	ne	version:	2.4.10	Trust: 0.3
vendor:	unified architecture net legacy	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	unified architecture java	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	unified architecture net standard	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	unified architecture ansic	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	debian linux	model:	-	scope:	eq	version:	9.0	Trust: 0.2

sources: IVD: e2fad12e-39ab-11e9-a54a-000c29342cb1 // CNVD: CNVD-2018-19099 // BID: 105538 // JVNDB: JVNDB-2018-013611 // CNNVD: CNNVD-201809-732 // NVD: CVE-2018-12086

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-12086
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-12086
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-19099
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201809-732
value:	HIGH
Trust: 0.6
IVD:	e2fad12e-39ab-11e9-a54a-000c29342cb1
value:	MEDIUM
Trust: 0.2
VULMON:	CVE-2018-12086
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-12086
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-19099
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2fad12e-39ab-11e9-a54a-000c29342cb1
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-12086
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: IVD: e2fad12e-39ab-11e9-a54a-000c29342cb1 // CNVD: CNVD-2018-19099 // VULMON: CVE-2018-12086 // JVNDB: JVNDB-2018-013611 // CNNVD: CNNVD-201809-732 // NVD: CVE-2018-12086

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-119	Trust: 0.8

sources: JVNDB: JVNDB-2018-013611 // NVD: CVE-2018-12086

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-732

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2fad12e-39ab-11e9-a54a-000c29342cb1 // CNNVD: CNNVD-201809-732

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013611

PATCH

title:	DSA-4359	url:	https://www.debian.org/security/2018/dsa-4359	Trust: 0.8
title:	Security Update for the OPC UA Stacks	url:	http://bugs.exim.org/show_bug.cgi?id=1106	Trust: 0.8
title:	Red Hat: CVE-2018-12086	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-12086	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2018-12086	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201810-9] wireshark-cli: multiple issues	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201810-9	Trust: 0.1
title:	Debian Security Advisories: DSA-4359-1 wireshark -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=d02db3d90f5567537307b18cce9fba2b	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=2196fa008592287290cbd6678fbe10d4	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-v	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=413b5f9466c1ebf3ab090a45e189b43e	Trust: 0.1
title:	stack-overflow-poc	url:	https://github.com/kevinherron/stack-overflow-poc	Trust: 0.1
title:	CVE-POC	url:	https://github.com/0xT11/CVE-POC	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/nomi-sec/PoC-in-GitHub	Trust: 0.1

sources: VULMON: CVE-2018-12086 // JVNDB: JVNDB-2018-013611

EXTERNAL IDS

db:	NVD	id:	CVE-2018-12086	Trust: 3.7
db:	BID	id:	105538	Trust: 2.0
db:	SECTRACK	id:	1041909	Trust: 1.7
db:	CNVD	id:	CNVD-2018-19099	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-732	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-013611	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.1374	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0926	Trust: 0.6
db:	IVD	id:	E2FAD12E-39AB-11E9-A54A-000C29342CB1	Trust: 0.2
db:	VULMON	id:	CVE-2018-12086	Trust: 0.1
db:	PACKETSTORM	id:	150933	Trust: 0.1

sources: IVD: e2fad12e-39ab-11e9-a54a-000c29342cb1 // CNVD: CNVD-2018-19099 // VULMON: CVE-2018-12086 // BID: 105538 // JVNDB: JVNDB-2018-013611 // PACKETSTORM: 150933 // CNNVD: CNNVD-201809-732 // NVD: CVE-2018-12086

REFERENCES

url:	https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2018-12086.pdf	Trust: 2.3
url:	http://www.securityfocus.com/bid/105538	Trust: 1.7
url:	http://www.securitytracker.com/id/1041909	Trust: 1.7
url:	https://www.debian.org/security/2018/dsa-4359	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-12086	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12086	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.0926/	Trust: 0.6
url:	http://www.ibm.com/support/docview.wss?uid=ibm10881778	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/79514	Trust: 0.6
url:	http://www.sap.com	Trust: 0.3
url:	https://launchpad.support.sap.com/#/notes/2674215	Trust: 0.3
url:	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095	Trust: 0.3
url:	https://www.wireshark.org/security/wnpa-sec-2018-50.html	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=59045	Trust: 0.1
url:	https://github.com/kevinherron/stack-overflow-poc	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19625	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19628	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-18227	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19624	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19623	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-18226	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19622	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19626	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19627	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/wireshark	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-18225	Trust: 0.1

sources: CNVD: CNVD-2018-19099 // VULMON: CVE-2018-12086 // BID: 105538 // JVNDB: JVNDB-2018-013611 // PACKETSTORM: 150933 // CNNVD: CNNVD-201809-732 // NVD: CVE-2018-12086

CREDITS

SAP

Trust: 0.3

sources: BID: 105538

SOURCES

db:	IVD	id:	e2fad12e-39ab-11e9-a54a-000c29342cb1
db:	CNVD	id:	CNVD-2018-19099
db:	VULMON	id:	CVE-2018-12086
db:	BID	id:	105538
db:	JVNDB	id:	JVNDB-2018-013611
db:	PACKETSTORM	id:	150933
db:	CNNVD	id:	CNNVD-201809-732
db:	NVD	id:	CVE-2018-12086

LAST UPDATE DATE

2024-11-23T20:09:38.362000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-19099	date:	2018-09-18T00:00:00
db:	VULMON	id:	CVE-2018-12086	date:	2020-08-24T00:00:00
db:	BID	id:	105538	date:	2018-10-16T14:00:00
db:	JVNDB	id:	JVNDB-2018-013611	date:	2019-02-26T00:00:00
db:	CNNVD	id:	CNNVD-201809-732	date:	2020-08-25T00:00:00
db:	NVD	id:	CVE-2018-12086	date:	2024-11-21T03:44:33.930

SOURCES RELEASE DATE

db:	IVD	id:	e2fad12e-39ab-11e9-a54a-000c29342cb1	date:	2018-09-18T00:00:00
db:	CNVD	id:	CNVD-2018-19099	date:	2018-09-18T00:00:00
db:	VULMON	id:	CVE-2018-12086	date:	2018-09-14T00:00:00
db:	BID	id:	105538	date:	2018-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-013611	date:	2019-02-26T00:00:00
db:	PACKETSTORM	id:	150933	date:	2018-12-28T21:54:04
db:	CNNVD	id:	CNNVD-201809-732	date:	2018-09-17T00:00:00
db:	NVD	id:	CVE-2018-12086	date:	2018-09-14T21:29:03.583