Details of VAR-200912-0339

ID

VAR-200912-0339

CVE

CVE-2009-4462

TITLE

IntelliCom NetBiter devices have default HICP passwords

Trust: 0.8

sources: CERT/CC: VU#902793

DESCRIPTION

Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. Successful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. NOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition

Trust: 3.69

sources: NVD: CVE-2009-4462 // CERT/CC: VU#902793 // CERT/CC: VU#181737 // JVNDB: JVNDB-2010-001236 // BID: 37328 // BID: 37325 // VULHUB: VHN-41908

AFFECTED PRODUCTS

vendor:	intellicom innovation ab	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	intellicom	model:	netbiterconfig	scope:	eq	version:	1.3.0	Trust: 1.6
vendor:	intellicom innovation ab	model:	netbiter config	scope:	lt	version:	1.3.1 earlier	Trust: 0.8
vendor:	intellicom	model:	innovation netbiter webscada ws200	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	innovation netbiter webscada ws100	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	innovation netbiterconfig.exe	scope:	eq	version:	1.3	Trust: 0.3
vendor:	intellicom	model:	innovation netbiterconfig.exe	scope:	ne	version:	1.3.1	Trust: 0.3

sources: CERT/CC: VU#902793 // CERT/CC: VU#181737 // BID: 37328 // BID: 37325 // JVNDB: JVNDB-2010-001236 // CNNVD: CNNVD-200912-401 // NVD: CVE-2009-4462

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-4462
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#181737
value:	0.48
Trust: 0.8
NVD:	CVE-2009-4462
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200912-401
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-41908
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2009-4462
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-41908
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#181737 // VULHUB: VHN-41908 // JVNDB: JVNDB-2010-001236 // CNNVD: CNNVD-200912-401 // NVD: CVE-2009-4462

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-41908 // JVNDB: JVNDB-2010-001236 // NVD: CVE-2009-4462

THREAT TYPE

network

Trust: 0.6

sources: BID: 37328 // BID: 37325

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200912-401

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001236

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-41908

PATCH

title:

ISFR-4404-0007

url:

http://support.intellicom.se/getfile.cfm?FID=150&FPID=85

Trust: 0.8

sources: JVNDB: JVNDB-2010-001236

EXTERNAL IDS

db:	CERT/CC	id:	VU#181737	Trust: 3.0
db:	NVD	id:	CVE-2009-4462	Trust: 2.8
db:	VUPEN	id:	ADV-2009-3542	Trust: 2.5
db:	BID	id:	37325	Trust: 2.2
db:	CERT/CC	id:	VU#902793	Trust: 1.1
db:	BID	id:	37328	Trust: 1.1
db:	OSVDB	id:	61506	Trust: 0.8
db:	JVNDB	id:	JVNDB-2010-001236	Trust: 0.8
db:	CNNVD	id:	CNNVD-200912-401	Trust: 0.7
db:	BUGTRAQ	id:	20091214 EXPOSING HMS HICP PROTOCOL + INTELLICOM NETBITERCONFIG.EXE REMOTE BUFFER OVERFLOW (NOT PATCHED)	Trust: 0.6
db:	EXPLOIT-DB	id:	33403	Trust: 0.1
db:	EXPLOIT-DB	id:	10451	Trust: 0.1
db:	SEEBUG	id:	SSVID-86625	Trust: 0.1
db:	VULHUB	id:	VHN-41908	Trust: 0.1

sources: CERT/CC: VU#902793 // CERT/CC: VU#181737 // VULHUB: VHN-41908 // BID: 37328 // BID: 37325 // JVNDB: JVNDB-2010-001236 // CNNVD: CNNVD-200912-401 // NVD: CVE-2009-4462

REFERENCES

url:	http://reversemode.com/index.php?option=com_content&task=view&id=65&itemid=1	Trust: 3.8
url:	http://www.vupen.com/english/advisories/2009/3542	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/181737	Trust: 2.2
url:	http://www.securityfocus.com/bid/37325	Trust: 1.9
url:	http://blog.48bits.com/?p=781	Trust: 1.6
url:	http://support.intellicom.se/getfile.cfm?fid=151	Trust: 1.1
url:	http://support.intellicom.se/news.cfm?nwid=33	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/508449/100/0/threaded	Trust: 1.1
url:	http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/	Trust: 1.1
url:	http://support.intellicom.se/getfile.cfm?fid=150&fpid=85	Trust: 1.0
url:	http://osvdb.com/show/osvdb/61506	Trust: 0.8
url:	http://www.hms.se/products/prodindex.shtml	Trust: 0.8
url:	http://www.anybus.com/products/abxsstech.shtml	Trust: 0.8
url:	http://support.intellicom.se/getfile.cfm?fid=150	Trust: 0.8
url:	http://www.securityfocus.com/bid/37328	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4462	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu181737/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4462	Trust: 0.8
url:	http://www.intellicom.se/	Trust: 0.6
url:	/archive/1/508449	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/508449/100/0/threaded	Trust: 0.6
url:	http://www.kb.cert.org/vuls/id/902793	Trust: 0.3
url:	http://www.intellicom.se/webscada.cfm	Trust: 0.3
url:	http://support.intellicom.se/getfile.cfm?fid=150&fpid=85	Trust: 0.1
url:	http://reversemode.com/index.php?option=com_content&task=view&id=65&itemid=1	Trust: 0.1

CREDITS

Ruben Santamarta

Trust: 0.6

sources: BID: 37328 // BID: 37325

SOURCES

db:	CERT/CC	id:	VU#902793
db:	CERT/CC	id:	VU#181737
db:	VULHUB	id:	VHN-41908
db:	BID	id:	37328
db:	BID	id:	37325
db:	JVNDB	id:	JVNDB-2010-001236
db:	CNNVD	id:	CNNVD-200912-401
db:	NVD	id:	CVE-2009-4462

LAST UPDATE DATE

2025-04-10T23:11:11.935000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#902793	date:	2010-04-29T00:00:00
db:	CERT/CC	id:	VU#181737	date:	2010-03-26T00:00:00
db:	VULHUB	id:	VHN-41908	date:	2018-10-10T00:00:00
db:	BID	id:	37328	date:	2010-04-06T17:32:00
db:	BID	id:	37325	date:	2010-03-25T16:42:00
db:	JVNDB	id:	JVNDB-2010-001236	date:	2010-04-12T00:00:00
db:	CNNVD	id:	CNNVD-200912-401	date:	2011-07-12T00:00:00
db:	NVD	id:	CVE-2009-4462	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#902793	date:	2010-04-06T00:00:00
db:	CERT/CC	id:	VU#181737	date:	2010-03-24T00:00:00
db:	VULHUB	id:	VHN-41908	date:	2009-12-30T00:00:00
db:	BID	id:	37328	date:	2009-12-14T00:00:00
db:	BID	id:	37325	date:	2009-12-14T00:00:00
db:	JVNDB	id:	JVNDB-2010-001236	date:	2010-04-12T00:00:00
db:	CNNVD	id:	CNNVD-200912-401	date:	2009-12-30T00:00:00
db:	NVD	id:	CVE-2009-4462	date:	2009-12-30T20:00:01.157