Details of VAR-201310-0636

ID

VAR-201310-0636

TITLE

Cogent DataHub Denial of service vulnerability

Trust: 1.4

sources: IVD: b973b25a-1f00-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14172 // CNNVD: CNNVD-201310-689

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent DataHub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of POST requests. By sending a malformed POST, an attacker is able to overflow a heap buffer. An attacker could exploit this vulnerability to execute arbitrary code in the context of the DataHub process. Cogent Real-Time Systems Cogent DataHub is a set of real-time data solutions from Canada's Cogent Real-Time Systems. It belongs to SCADA (Data Acquisition and Monitoring Control System) and automation software. A denial of service vulnerability exists in versions of Cogent DataHub prior to 7.3.4. An attacker could use this vulnerability to crash the server and deny legitimate users. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 2.16

sources: ZDI: ZDI-13-252 // CNVD: CNVD-2013-14172 // CNNVD: CNNVD-201310-689 // BID: 63397 // IVD: b973b25a-1f00-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: b973b25a-1f00-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14172

AFFECTED PRODUCTS

vendor:	cogent real time	model:	datahub	scope:	-	version:	-	Trust: 0.7
vendor:	cogent	model:	real-time systems cogent datahub	scope:	lt	version:	7.3.4	Trust: 0.6
vendor:	cogent	model:	real-time systems	scope:	eq	version:	*	Trust: 0.2
vendor:	cogent	model:	datahub	scope:	lt	version:	7.3.4	Trust: 0.2

sources: IVD: b973b25a-1f00-11e6-abef-000c29c66e3d // ZDI: ZDI-13-252 // CNVD: CNVD-2013-14172

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	ZDI-13-252
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2013-14172
value:	MEDIUM
Trust: 0.6
IVD:	b973b25a-1f00-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2

ZDI:	ZDI-13-252
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2013-14172
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	b973b25a-1f00-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: b973b25a-1f00-11e6-abef-000c29c66e3d // ZDI: ZDI-13-252 // CNVD: CNVD-2013-14172

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201310-689

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 63397

PATCH

title:	Cogent Real-Time Systems has issued an update to correct this vulnerability.	url:	http://www.cogentdatahub.com/download_software.html	Trust: 0.7
title:	Cogent DataHub denial of service vulnerability patch	url:	https://www.cnvd.org.cn/patchinfo/show/40621	Trust: 0.6

sources: ZDI: ZDI-13-252 // CNVD: CNVD-2013-14172

EXTERNAL IDS

db:	BID	id:	63397	Trust: 1.5
db:	ZDI	id:	ZDI-13-252	Trust: 1.0
db:	CNVD	id:	CNVD-2013-14172	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-1981	Trust: 0.7
db:	CNNVD	id:	CNNVD-201310-689	Trust: 0.6
db:	IVD	id:	B973B25A-1F00-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: b973b25a-1f00-11e6-abef-000c29c66e3d // ZDI: ZDI-13-252 // CNVD: CNVD-2013-14172 // BID: 63397 // CNNVD: CNNVD-201310-689

REFERENCES

url:	http://www.securityfocus.com/bid/63397	Trust: 1.2
url:	http://www.cogentdatahub.com/download_software.html	Trust: 0.7
url:	http://www.zerodayinitiative.com/advisories/zdi-13-252/	Trust: 0.3
url:	http://www.cogentdatahub.com/index.html	Trust: 0.3
url:	http://www.cogentdatahub.com/releasenotes.html	Trust: 0.3

sources: ZDI: ZDI-13-252 // CNVD: CNVD-2013-14172 // BID: 63397 // CNNVD: CNNVD-201310-689

CREDITS

Pawel Wylecial

Trust: 1.6

sources: ZDI: ZDI-13-252 // BID: 63397 // CNNVD: CNNVD-201310-689

SOURCES

db:	IVD	id:	b973b25a-1f00-11e6-abef-000c29c66e3d
db:	ZDI	id:	ZDI-13-252
db:	CNVD	id:	CNVD-2013-14172
db:	BID	id:	63397
db:	CNNVD	id:	CNNVD-201310-689

LAST UPDATE DATE

2022-05-17T02:04:40.400000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-13-252	date:	2013-11-24T00:00:00
db:	CNVD	id:	CNVD-2013-14172	date:	2013-10-31T00:00:00
db:	BID	id:	63397	date:	2015-03-19T09:30:00
db:	CNNVD	id:	CNNVD-201310-689	date:	2013-10-31T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	b973b25a-1f00-11e6-abef-000c29c66e3d	date:	2013-10-31T00:00:00
db:	ZDI	id:	ZDI-13-252	date:	2013-11-24T00:00:00
db:	CNVD	id:	CNVD-2013-14172	date:	2013-10-31T00:00:00
db:	BID	id:	63397	date:	2013-10-29T00:00:00
db:	CNNVD	id:	CNNVD-201310-689	date:	2013-10-31T00:00:00