Details of VAR-201202-0042

ID

VAR-201202-0042

CVE

CVE-2011-4534

TITLE

Ing. Punzenberger COPA-DATA zenon of ZenSysSrv.exe Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-001402

DESCRIPTION

ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Number 25212. Punzenberger COPA-DATA GmbH zenon is an industrial automation software. Punzenberger COPA-DATA GmbH zenon is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash an affected system, denying service to legitimate users. zenon 6.51 SP0 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 ---------------------------------------------------------------------- TITLE: zenon Two Code Execution Vulnerabilities SECUNIA ADVISORY ID: SA47892 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47892/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47892 RELEASE DATE: 2012-02-08 DISCUSS ADVISORY: http://secunia.com/advisories/47892/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47892/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47892 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in zenon, which can be exploited by malicious people to potentially compromise a vulnerable system. 1) An error in zenAdminSrv.exe when processing certain packets can be exploited via a specially crafted packet sent to TCP port 50777. 2) An error in ZenSysSrv.exe when handling client connections can be exploited by connecting and disconnecting multiple times on TCP port 1101. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in version 6.51 SP0. SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Kuang-Chun Hung, Security Research and Service Institute Information and Communication Security Technology Center (ICST). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.7

sources: NVD: CVE-2011-4534 // JVNDB: JVNDB-2012-001402 // CNVD: CNVD-2012-0503 // BID: 51897 // IVD: 247ca564-2354-11e6-abef-000c29c66e3d // PACKETSTORM: 109585

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 247ca564-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0503

AFFECTED PRODUCTS

vendor:	copadata	model:	zenon	scope:	eq	version:	6.51	Trust: 1.6
vendor:	ing punzenberger copa data	model:	zenon sp0	scope:	eq	version:	6.51	Trust: 0.9
vendor:	ing punzenberger copa data	model:	zenon	scope:	eq	version:	6.51 sp0	Trust: 0.8
vendor:	zenon	model:	-	scope:	eq	version:	6.51	Trust: 0.2

sources: IVD: 247ca564-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0503 // BID: 51897 // JVNDB: JVNDB-2012-001402 // CNNVD: CNNVD-201202-192 // NVD: CVE-2011-4534

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4534
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-4534
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201202-192
value:	HIGH
Trust: 0.6
IVD:	247ca564-2354-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2011-4534
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	247ca564-2354-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 247ca564-2354-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2012-001402 // CNNVD: CNNVD-201202-192 // NVD: CVE-2011-4534

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2011-4534

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-192

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201202-192

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001402

PATCH

title:	Top Page	url:	http://www.copadata.com	Trust: 0.8
title:	Partner List	url:	http://www.copadata.com/en/partner/partner-list.html	Trust: 0.8
title:	Patch for Ing. Punzenberger COPA-DATA GmbH zenon Denial of Service Vulnerability (CNVD-2012-0503)	url:	https://www.cnvd.org.cn/patchInfo/show/9175	Trust: 0.6

sources: CNVD: CNVD-2012-0503 // JVNDB: JVNDB-2012-001402

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4534	Trust: 3.5
db:	ICS CERT	id:	ICSA-12-013-01	Trust: 3.4
db:	SECUNIA	id:	47892	Trust: 1.8
db:	CNVD	id:	CNVD-2012-0503	Trust: 0.8
db:	CNNVD	id:	CNNVD-201202-192	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-001402	Trust: 0.8
db:	BID	id:	51897	Trust: 0.3
db:	IVD	id:	247CA564-2354-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	PACKETSTORM	id:	109585	Trust: 0.1

sources: IVD: 247ca564-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0503 // BID: 51897 // JVNDB: JVNDB-2012-001402 // PACKETSTORM: 109585 // CNNVD: CNNVD-201202-192 // NVD: CVE-2011-4534

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-013-01.pdf	Trust: 3.4
url:	http://secunia.com/advisories/47892	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4534	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4534	Trust: 0.8
url:	http://www.copadata.com/en/products/automation-solutions/zenon.html	Trust: 0.3
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/blog/296	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=47892	Trust: 0.1
url:	http://secunia.com/advisories/47892/	Trust: 0.1
url:	http://secunia.com/advisories/47892/#comments	Trust: 0.1

sources: CNVD: CNVD-2012-0503 // BID: 51897 // JVNDB: JVNDB-2012-001402 // PACKETSTORM: 109585 // CNNVD: CNNVD-201202-192 // NVD: CVE-2011-4534

CREDITS

Kuang-Chun Hung

Trust: 0.3

sources: BID: 51897

SOURCES

db:	IVD	id:	247ca564-2354-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-0503
db:	BID	id:	51897
db:	JVNDB	id:	JVNDB-2012-001402
db:	PACKETSTORM	id:	109585
db:	CNNVD	id:	CNNVD-201202-192
db:	NVD	id:	CVE-2011-4534

LAST UPDATE DATE

2025-04-11T22:49:48.888000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-0503	date:	2012-02-09T00:00:00
db:	BID	id:	51897	date:	2012-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2012-001402	date:	2012-02-14T00:00:00
db:	CNNVD	id:	CNNVD-201202-192	date:	2012-02-13T00:00:00
db:	NVD	id:	CVE-2011-4534	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	IVD	id:	247ca564-2354-11e6-abef-000c29c66e3d	date:	2012-02-09T00:00:00
db:	CNVD	id:	CNVD-2012-0503	date:	2012-02-09T00:00:00
db:	BID	id:	51897	date:	2012-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2012-001402	date:	2012-02-14T00:00:00
db:	PACKETSTORM	id:	109585	date:	2012-02-09T11:40:25
db:	CNNVD	id:	CNNVD-201202-192	date:	2012-02-13T00:00:00
db:	NVD	id:	CVE-2011-4534	date:	2012-02-10T19:55:01.893