Published: 15/09/2011 Updated: 29/08/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions prior to 1.14, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long password to the Telnet (TCP/23) port, which triggers an out-of-bounds read or write, leading to a stack-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
scadatec procyon scada 1.13
scadatec procyon scada 1.06

## # $Id: procyon_core_serverrb 13724 2011-09-12 21:42:36Z swtornio $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

This Metasploit module exploits a vulnerability in the coreserviceexe component of Proycon Core Server versions 113 and below While processing a password, the application fails to do proper bounds checking before copying data into a small buffer on the stack This causes a buffer overflow and allows it to overwrite a structured exception handlin ...

CWE-119 http://secunia.com/advisories/45866 http://osvdb.org/75371 http://www.securityfocus.com/bid/49480 http://www.uscert.gov/control_systems/pdf/ICSA-11-216-01.pdf http://www.stratsec.net/Research/Advisories/Procyon-Core-Server-HMI-Remote-Stack-Overflow http://www.exploit-db.com/exploits/17827 http://securityreason.com/securityalert/8374 https://exchange.xforce.ibmcloud.com/vulnerabilities/69632 https://nvd.nist.gov https://www.exploit-db.com/exploits/17827/

CVE-2011-3322

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect