Summary
The host is running Cogent DataHub and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code or cause denial of service condition resulting in loss of availability.
Impact Level: System/Application
Solution
Upgrade to Cogent DataHub 7.3.0, OPC DataHub 6.4.22, Cascade DataHub 6.4.22, DataHub QuickTrend 7.3.0 or later, For updates refer to http://www.cogentdatahub.com
Insight
Multiple flaws due to
- Improper handling of formatted text commands
- Improper validation of HTTP request with a long header parameter - Error within string handling
Affected
Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and
DataHub QuickTrend before 7.3.0
References
Severity
Classification
-
CVE CVE-2013-0680, CVE-2013-0681, CVE-2013-0682, CVE-2013-0683 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ClamAV get_unicode_name() Off-By-One Heap based BOF Vulnerability
- Adobe Digital Edition Denial of Service Vulnerability (Mac OS X)
- Apache 'mod_deflate' Denial Of Service Vulnerability - July09
- FlashGet FTP PWD Response Remote Buffer Overflow Vulnerability
- BulletProof FTP Client '.bps' File Buffer Overflow Vulnerability