Lucene search
MitreCVE-2011-3490HistorySep 16, 2011 - 2:28 p.m.
CVE-2011-3490
2011-09-1614:28:12
CWE-119
mitre
web.nvd.nist.gov
111
cve-2011-3490
buffer overflow
denial of service
remote attackers
measuresoft scadapro
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8
Confidence
Low
EPSS
0.053
Percentile
93.1%
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
Affected configurations
Node
measuresoftscadaproRange≤4.0.0
ORmeasuresoftscadaproMatch2.1
ORmeasuresoftscadaproMatch2.2
ORmeasuresoftscadaproMatch2.3
ORmeasuresoftscadaproMatch2.4
ORmeasuresoftscadaproMatch2.4.1
ORmeasuresoftscadaproMatch2.4.2
ORmeasuresoftscadaproMatch2.4.3
ORmeasuresoftscadaproMatch2.4.4
ORmeasuresoftscadaproMatch2.4.5
ORmeasuresoftscadaproMatch2.4.6
ORmeasuresoftscadaproMatch2.5
ORmeasuresoftscadaproMatch2.5.1
ORmeasuresoftscadaproMatch2.5.2
ORmeasuresoftscadaproMatch2.5.3
ORmeasuresoftscadaproMatch2.5.4
ORmeasuresoftscadaproMatch2.5.5
ORmeasuresoftscadaproMatch2.6.0
ORmeasuresoftscadaproMatch2.7.0
ORmeasuresoftscadaproMatch2.7.1
ORmeasuresoftscadaproMatch2.7.2
ORmeasuresoftscadaproMatch2.8.0
ORmeasuresoftscadaproMatch2.9.0
ORmeasuresoftscadaproMatch3.1.0
ORmeasuresoftscadaproMatch3.2.8
ORmeasuresoftscadaproMatch3.2.9
ORmeasuresoftscadaproMatch3.3.0
ORmeasuresoftscadaproMatch3.3.1
ORmeasuresoftscadaproMatch3.3.2
ORmeasuresoftscadaproMatch3.9.0
ORmeasuresoftscadaproMatch3.9.1
ORmeasuresoftscadaproMatch3.9.2
ORmeasuresoftscadaproMatch3.9.3
ORmeasuresoftscadaproMatch3.9.4
ORmeasuresoftscadaproMatch3.9.5
ORmeasuresoftscadaproMatch3.9.6
ORmeasuresoftscadaproMatch3.9.7
ORmeasuresoftscadaproMatch3.9.8
ORmeasuresoftscadaproMatch3.9.9
ORmeasuresoftscadaproMatch3.9.10
ORmeasuresoftscadaproMatch3.9.11
ORmeasuresoftscadaproMatch3.9.12
ORmeasuresoftscadaproMatch3.9.13
ORmeasuresoftscadaproMatch3.9.14
ORmeasuresoftscadaproMatch3.9.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| measuresoft | scadapro | * | cpe:2.3:a:measuresoft:scadapro:*:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.1 | cpe:2.3:a:measuresoft:scadapro:2.1:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.2 | cpe:2.3:a:measuresoft:scadapro:2.2:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.3 | cpe:2.3:a:measuresoft:scadapro:2.3:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4 | cpe:2.3:a:measuresoft:scadapro:2.4:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.1 | cpe:2.3:a:measuresoft:scadapro:2.4.1:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.2 | cpe:2.3:a:measuresoft:scadapro:2.4.2:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.3 | cpe:2.3:a:measuresoft:scadapro:2.4.3:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.4 | cpe:2.3:a:measuresoft:scadapro:2.4.4:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.5 | cpe:2.3:a:measuresoft:scadapro:2.4.5:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
Measuresoft ScadaPro xf Command Execution (CVE-2011-3490)
2012-03-19 00:00:00
prion
prion
Stack overflow
2011-09-16 14:28:00
saint
saint
Measuresoft ScadaPro xf Command Execution
2011-11-28 00:00:00
Measuresoft ScadaPro xf Command Execution
2011-11-28 00:00:00
Measuresoft ScadaPro xf Command Execution
2011-11-28 00:00:00
nvd
nvd
CVE-2011-3490
2011-09-16 14:28:12
cvelist
cvelist
CVE-2011-3490
2011-09-16 14:00:00
exploitdb
exploitdb
Measuresoft ScadaPro 4.0.0 - Remote Command Execution (Metasploit)
2011-09-16 00:00:00
Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
2011-09-14 00:00:00
openvas
openvas
Measuresoft ScadaPro Multiple Security Vulnerabilities
2012-12-19 00:00:00
ics
ics
Measuresoft ScadaPro Vulnerabilities
2018-09-06 12:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8
Confidence
Low
EPSS
0.053
Percentile
93.1%
Related for CVE-2011-3490