Summary
This host is running WellinTech KingView and is prone to multiple vulnerabilties.
Impact
Successful exploitation allows remote attackers to gain sensitive information via directory traversal attacks or cause the application to crash, creating a denial of service condition.
Impact Level: Application
Solution
Apply the patch from below link
http://www.wellintech.com/index.php/news/33-patch-for-kingview653
Insight
- Multiple errors in 'touchview.exe' when processing certain requests, can be exploited to cause a crash via a specially crafted request sent to TCP port 555.
- A specially crafted packet to either Port 2001/TCP or Port 2001/UDP, an attacker may read from an invalid memory location in the KingView application.
- A specially crafted GET request via HTTP on Port 8001/TCP, an attacker may access arbitrary information from the KingView application.
Affected
WellinTech KingView version 6.53
References
- http://packetstormsecurity.org/files/114165/kingviewtouchview-overflow.txt
- http://packetstormsecurity.org/files/114166/kingviewtouchview-overwrite.txt
- http://secunia.com/advisories/49058
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf
- http://www.wellintech.com/index.php/news/33-patch-for-kingview653
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-1830, CVE-2012-1831, CVE-2012-1832, CVE-2012-2560 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Mac OS X
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)