Details of VAR-201307-0565

ID

VAR-201307-0565

TITLE

Cogent Real-Time Systems DataHub Remote Stack Buffer Overflow Vulnerability

Trust: 1.7

sources: IVD: 5d896002-1f14-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11044 // BID: 61470 // CNNVD: CNNVD-201307-645

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent Datahub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web server component's handling of HTTP headers. By sending an overlarge HTTP header, an attacker can overflow a fixed size stack buffer. This vulnerability allows for an attacker to execute arbitrary code in the context of the Datahub process. Cogent Real-Time Systems DataHub is a set of real-time data system integration suite based on B / S architecture by Cogent Real-Time Systems of Canada. The kit includes tools such as DataHub WebView and DataHub QuickTrend. Cogent Real-Time Systems DataHub 7.3.0 vulnerabilities exist, other versions may also be affected. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 2.16

sources: ZDI: ZDI-13-178 // CNVD: CNVD-2013-11044 // CNNVD: CNNVD-201307-645 // BID: 61470 // IVD: 5d896002-1f14-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 5d896002-1f14-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11044

AFFECTED PRODUCTS

vendor:	cogent real time	model:	datahub	scope:	-	version:	-	Trust: 0.7
vendor:	cogent	model:	real-time systems cogent datahub	scope:	-	version:	-	Trust: 0.6
vendor:	cogent	model:	real-time systems	scope:	eq	version:	*	Trust: 0.2
vendor:	cogent	model:	datahub	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 5d896002-1f14-11e6-abef-000c29c66e3d // ZDI: ZDI-13-178 // CNVD: CNVD-2013-11044

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	ZDI-13-178
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2013-11044
value:	HIGH
Trust: 0.6
IVD:	5d896002-1f14-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2

ZDI:	ZDI-13-178
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2013-11044
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	5d896002-1f14-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 5d896002-1f14-11e6-abef-000c29c66e3d // ZDI: ZDI-13-178 // CNVD: CNVD-2013-11044

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-645

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: 5d896002-1f14-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201307-645

PATCH

title:	Cogent Real-Time Systems has issued an update to correct this vulnerability.	url:	http://www.cogentdatahub.com/info/130712_zdi-can-1915_response.html	Trust: 0.7
title:	Patch for Cogent Real-Time Systems DataHub Remote Stack Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/36556	Trust: 0.6

sources: ZDI: ZDI-13-178 // CNVD: CNVD-2013-11044

EXTERNAL IDS

db:	BID	id:	61470	Trust: 1.5
db:	ZDI	id:	ZDI-13-178	Trust: 1.3
db:	CNVD	id:	CNVD-2013-11044	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-1915	Trust: 0.7
db:	CNNVD	id:	CNNVD-201307-645	Trust: 0.6
db:	IVD	id:	5D896002-1F14-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 5d896002-1f14-11e6-abef-000c29c66e3d // ZDI: ZDI-13-178 // CNVD: CNVD-2013-11044 // BID: 61470 // CNNVD: CNNVD-201307-645

REFERENCES

url:	http://www.cogentdatahub.com/info/130712_zdi-can-1915_response.html	Trust: 0.7
url:	http://www.zerodayinitiative.com/advisories/zdi-13-178/	Trust: 0.6
url:	http://www.securityfocus.com/bid/61470	Trust: 0.6
url:	http://www.cogentdatahub.com/products/cogent_datahub.html	Trust: 0.3

sources: ZDI: ZDI-13-178 // CNVD: CNVD-2013-11044 // BID: 61470 // CNNVD: CNNVD-201307-645

CREDITS

Andrea Micalizzi aka rgod

Trust: 1.6

sources: ZDI: ZDI-13-178 // BID: 61470 // CNNVD: CNNVD-201307-645

SOURCES

db:	IVD	id:	5d896002-1f14-11e6-abef-000c29c66e3d
db:	ZDI	id:	ZDI-13-178
db:	CNVD	id:	CNVD-2013-11044
db:	BID	id:	61470
db:	CNNVD	id:	CNNVD-201307-645

LAST UPDATE DATE

2022-05-17T01:48:04.631000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-13-178	date:	2013-07-26T00:00:00
db:	CNVD	id:	CNVD-2013-11044	date:	2013-08-01T00:00:00
db:	BID	id:	61470	date:	2013-08-19T11:27:00
db:	CNNVD	id:	CNNVD-201307-645	date:	2013-08-09T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	5d896002-1f14-11e6-abef-000c29c66e3d	date:	2013-08-01T00:00:00
db:	ZDI	id:	ZDI-13-178	date:	2013-07-26T00:00:00
db:	CNVD	id:	CNVD-2013-11044	date:	2013-08-01T00:00:00
db:	BID	id:	61470	date:	2013-07-26T00:00:00
db:	CNNVD	id:	CNNVD-201307-645	date:	2013-07-26T00:00:00