Vulnerability Details : CVE-2011-1567
Public exploit exists!
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (1) ListAll, (2) Write File, (3) ReadFile, (4) Delete, (5) RenameFile, and (6) FileInfo commands in an 0xd opcode; (7) the Add, (8) ReadFile, (9) Write File, (10) Rename, (11) Delete, and (12) Add commands in an RMS report templates (0x7) opcode; and (13) 0x4 command in an STDREP request (0x8) opcode to TCP port 12401.
Vulnerability category: Overflow, Execute code, Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-1567
Probability of exploitation activity in the next 30 days: 70.32%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 %
Metasploit modules for CVE-2011-1567
- 7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow
  Disclosure Date: 2011-03-24
  First seen: 2020-04-26
  exploit/windows/scada/igss9_igssdataserver_listall
  This module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack.
- 7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow
  Disclosure Date: 2011-03-24
  First seen: 2020-04-26
  exploit/windows/scada/igss9_igssdataserver_rename
  This module exploits a vulnerability found on 7-Technologies IGSS 9. By supplying a long string of data to the 'Rename' (0x02), 'Delete' (0x03), or 'Add' (0x04) command, a buffer overflow condition occurs in IGSSdataServer.exe while handling an RMS report, which res
CVSS scores for CVE-2011-1567
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST |
CWE ids for CVE-2011-1567
- The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1567
- http://www.securityfocus.com/bid/46936
  7T Interactive Graphical SCADA System Multiple Security Vulnerabilities
- http://www.vupen.com/english/advisories/2011/0741
  Vendor Advisory
- http://aluigi.org/adv/igss_7-adv.txt
  Exploit
- http://aluigi.org/adv/igss_4-adv.txt
  Exploit
- http://securityreason.com/securityalert/8179
  7T Interactive Graphical SCADA System Multiple Security Vulnerabilities - CXSecurity.com
- http://www.exploit-db.com/exploits/17024
  7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities - Windows remote Exploit (Exploit)
- http://aluigi.org/adv/igss_3-adv.txt
  Exploit
- http://securityreason.com/securityalert/8251
  7-Technologies IGSS <= v9.00.00 b11063 IGSSdataServer.exe Stack Overflow - CXSecurity.com
- http://aluigi.org/adv/igss_5-adv.txt
  Exploit
- http://aluigi.org/adv/igss_2-adv.txt
  Exploit
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf
  US Government Resource
Products affected by CVE-2011-1567
- cpe:2.3:a:7t:igss:*:*:*:*:*:*:*:*