ID
VAR-201109-0399
TITLE
pNetPower 6.1 AngelServer UDP Packet Heap Buffer Overflow Vulnerability Patch Derived Denial of Service Vulnerability
Trust: 0.8
DESCRIPTION
pNetPower is an electric version monitoring configuration software launched by Beijing 3D Power Control Technology Co., Ltd. On May 20, 2010, 3D Power Control released a heap buffer overflow vulnerability patch for PNETPower 6 based on the research results of foreign vulnerability researcher Dillon Beresford, http://www.sunwayland.com.cn/news_info_.asp? Nid=3593. However, in this patch, because the key parameters are not protected by SEH, it is possible to induce the Angelserver.exe process to crash, resulting in a denial of service. An attacker can exploit a vulnerability to launch a remote attack
Trust: 0.72
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
AFFECTED PRODUCTS
| vendor: | 3d | model: | force control pnetpower | scope: | eq | version: | 6.1 | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
TYPE
Denial of service
Trust: 0.2
PATCH
| title: | pNetPower 6.1 AngelServer UDP Packet Heap Buffer Overflow Vulnerability Patch Derived Denial of Service Vulnerability Patch | url: | https://www.cnvd.org.cn/patchinfo/show/5170 | Trust: 0.6 |
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2011-3477 | Trust: 0.8 |
| db: | IVD | id: | 6E76AECE-1F87-11E6-ABEF-000C29C66E3D | Trust: 0.2 |
SOURCES
| db: | IVD | id: | 6e76aece-1f87-11e6-abef-000c29c66e3d |
| db: | CNVD | id: | CNVD-2011-3477 |
LAST UPDATE DATE
2022-05-17T02:07:19.467000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-3477 | date: | 2011-09-23T00:00:00 |
SOURCES RELEASE DATE
| db: | IVD | id: | 6e76aece-1f87-11e6-abef-000c29c66e3d | date: | 2011-09-23T00:00:00 |
| db: | CNVD | id: | CNVD-2011-3477 | date: | 2011-09-23T00:00:00 |