CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.8%
The remote host is running a version of the LiveData ICCP server that is older than version 5.00.62. Such versions are affected by the following vulnerabilities :
A heap overflow vulnerability can be triggered when processing malformed WSDL files via TCP leading to arbitrary code execution subject to the privileges of the remote service. (CVE-2007-2489)
A denial of service attack is possible using specially crafted Connection-Oriented Transport Protocol (COTP) packets. (CVE-2007-2490)
Binary data scada_iccp_livedata_dos.nbin