Details of VAR-200912-0340

ID

VAR-200912-0340

CVE

CVE-2009-4463

TITLE

IntelliCom NetBiter devices have default HICP passwords

Trust: 0.8

sources: CERT/CC: VU#902793

DESCRIPTION

Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords. The IntelliCom NetBiter Config HICP configuration utility has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. IntelliCom Provided by NetBiter The password set on the device at the factory may be used by a remote third party. IntelliCom Provided by NetBiter The device is Ethernet and IP To configure network settings HICP The protocol is used. NetBiter The device is factory set HICP The password for can be obtained by methods other than the product documentation.Without changing from the factory password NetBiter When operating the device, the remote third party who obtained the password may change the network settings or change the password. HICP Access to the service may be disrupted. Also, HICP Since passwords are transmitted in clear text, the password may be intercepted by a third party intercepting the communication. Successful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. NOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Netbiter Webscada Firmware is prone to a denial-of-service vulnerability

Trust: 3.78

sources: NVD: CVE-2009-4463 // CERT/CC: VU#902793 // CERT/CC: VU#181737 // JVNDB: JVNDB-2010-001345 // BID: 37328 // BID: 79166 // VULHUB: VHN-41909 // VULMON: CVE-2009-4463

AFFECTED PRODUCTS

vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.13.2	Trust: 1.9
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.13.1	Trust: 1.9
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.12.4	Trust: 1.9
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.30.1	Trust: 1.9
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.12.6	Trust: 1.9
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.11.2	Trust: 1.9
vendor:	intellicom innovation ab	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.30.2	Trust: 1.6
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.20.0	Trust: 1.6
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.13.0	Trust: 1.6
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.30.0	Trust: 1.6
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.11.1	Trust: 1.3
vendor:	intellicom	model:	netbiter webscada ws100	scope:	eq	version:	*	Trust: 1.0
vendor:	intellicom	model:	netbiter webscada ws200	scope:	eq	version:	*	Trust: 1.0
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.11.0	Trust: 1.0
vendor:	intellicom innovation ab	model:	netbiter webscada	scope:	-	version:	-	Trust: 0.8
vendor:	intellicom innovation ab	model:	netbiter webscada ws100	scope:	-	version:	-	Trust: 0.8
vendor:	intellicom innovation ab	model:	netbiter webscada ws200	scope:	-	version:	-	Trust: 0.8
vendor:	intellicom	model:	innovation netbiter webscada ws200	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	innovation netbiter webscada ws100	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada ws200	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada ws100	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.30	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.20	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada	scope:	eq	version:	3.11	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada b184	scope:	eq	version:	3.30.2	Trust: 0.3
vendor:	intellicom	model:	netbiter webscada beta	scope:	eq	version:	3.13.0	Trust: 0.3

sources: CERT/CC: VU#902793 // CERT/CC: VU#181737 // BID: 37328 // BID: 79166 // JVNDB: JVNDB-2010-001345 // CNNVD: CNNVD-200912-402 // NVD: CVE-2009-4463

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-4463
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#181737
value:	0.48
Trust: 0.8
NVD:	CVE-2009-4463
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200912-402
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-41909
value:	HIGH
Trust: 0.1
VULMON:	CVE-2009-4463
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2009-4463
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-41909
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#181737 // VULHUB: VHN-41909 // VULMON: CVE-2009-4463 // JVNDB: JVNDB-2010-001345 // CNNVD: CNNVD-200912-402 // NVD: CVE-2009-4463

PROBLEMTYPE DATA

problemtype:

CWE-255

Trust: 1.9

sources: VULHUB: VHN-41909 // JVNDB: JVNDB-2010-001345 // NVD: CVE-2009-4463

THREAT TYPE

network

Trust: 0.6

sources: BID: 37328 // BID: 79166

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-200912-402

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001345

PATCH

title:

ISFR-4404-0008

url:

http://support.intellicom.se/getfile.cfm?FID=151&FPID=113

Trust: 0.8

sources: JVNDB: JVNDB-2010-001345

EXTERNAL IDS

db:	CERT/CC	id:	VU#902793	Trust: 3.4
db:	NVD	id:	CVE-2009-4463	Trust: 2.9
db:	OSVDB	id:	61506	Trust: 2.8
db:	BID	id:	37328	Trust: 1.1
db:	CERT/CC	id:	VU#181737	Trust: 0.8
db:	JVNDB	id:	JVNDB-2010-001345	Trust: 0.8
db:	CNNVD	id:	CNNVD-200912-402	Trust: 0.7
db:	BUGTRAQ	id:	20091214 EXPOSING HMS HICP PROTOCOL + INTELLICOM NETBITERCONFIG.EXE REMOTE BUFFER OVERFLOW (NOT PATCHED)	Trust: 0.6
db:	BID	id:	79166	Trust: 0.5
db:	VULHUB	id:	VHN-41909	Trust: 0.1
db:	VULMON	id:	CVE-2009-4463	Trust: 0.1

sources: CERT/CC: VU#902793 // CERT/CC: VU#181737 // VULHUB: VHN-41909 // VULMON: CVE-2009-4463 // BID: 37328 // BID: 79166 // JVNDB: JVNDB-2010-001345 // CNNVD: CNNVD-200912-402 // NVD: CVE-2009-4463

REFERENCES

url:	http://reversemode.com/index.php?option=com_content&task=view&id=65&itemid=1	Trust: 3.9
url:	http://blog.48bits.com/?p=781	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/902793	Trust: 2.7
url:	http://support.intellicom.se/getfile.cfm?fid=151	Trust: 2.6
url:	http://www.osvdb.org/61506	Trust: 2.0
url:	http://www.securityfocus.com/archive/1/508449/100/0/threaded	Trust: 1.2
url:	http://www.securityfocus.com/archive/1/archive/1/508449/100/0/threaded	Trust: 0.9
url:	http://osvdb.com/show/osvdb/61506	Trust: 0.8
url:	http://www.hms.se/products/prodindex.shtml	Trust: 0.8
url:	http://www.anybus.com/products/abxsstech.shtml	Trust: 0.8
url:	http://support.intellicom.se/news.cfm?nwid=33	Trust: 0.8
url:	http://support.intellicom.se/getfile.cfm?fid=150	Trust: 0.8
url:	http://www.securityfocus.com/bid/37328	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4463	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu902793/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4463	Trust: 0.8
url:	http://www.intellicom.se/	Trust: 0.3
url:	http://www.intellicom.se/webscada.cfm	Trust: 0.3
url:	/archive/1/508449	Trust: 0.3
url:	http://reversemode.com/index.php?option=com_content&task=view&id=65&itemid=1	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/255.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/79166	Trust: 0.1

CREDITS

Ruben Santamarta

Trust: 0.3

sources: BID: 37328

SOURCES

db:	CERT/CC	id:	VU#902793
db:	CERT/CC	id:	VU#181737
db:	VULHUB	id:	VHN-41909
db:	VULMON	id:	CVE-2009-4463
db:	BID	id:	37328
db:	BID	id:	79166
db:	JVNDB	id:	JVNDB-2010-001345
db:	CNNVD	id:	CNNVD-200912-402
db:	NVD	id:	CVE-2009-4463

LAST UPDATE DATE

2025-04-10T23:11:11.890000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#902793	date:	2010-04-29T00:00:00
db:	CERT/CC	id:	VU#181737	date:	2010-03-26T00:00:00
db:	VULHUB	id:	VHN-41909	date:	2018-10-10T00:00:00
db:	VULMON	id:	CVE-2009-4463	date:	2018-10-10T00:00:00
db:	BID	id:	37328	date:	2010-04-06T17:32:00
db:	BID	id:	79166	date:	2009-12-30T00:00:00
db:	JVNDB	id:	JVNDB-2010-001345	date:	2010-04-27T00:00:00
db:	CNNVD	id:	CNNVD-200912-402	date:	2011-07-12T00:00:00
db:	NVD	id:	CVE-2009-4463	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#902793	date:	2010-04-06T00:00:00
db:	CERT/CC	id:	VU#181737	date:	2010-03-24T00:00:00
db:	VULHUB	id:	VHN-41909	date:	2009-12-30T00:00:00
db:	VULMON	id:	CVE-2009-4463	date:	2009-12-30T00:00:00
db:	BID	id:	37328	date:	2009-12-14T00:00:00
db:	BID	id:	79166	date:	2009-12-30T00:00:00
db:	JVNDB	id:	JVNDB-2010-001345	date:	2010-04-27T00:00:00
db:	CNNVD	id:	CNNVD-200912-402	date:	2009-12-30T00:00:00
db:	NVD	id:	CVE-2009-4463	date:	2009-12-30T20:00:01.170