Summary
The host is running Cogent DataHub and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code or cause denial of service condition resulting in loss of availability.
Impact Level: System/Application
Solution
Upgrade to Cogent DataHub 7.3.0, OPC DataHub 6.4.22, Cascade DataHub 6.4.22, DataHub QuickTrend 7.3.0 or later, For updates refer to http://www.cogentdatahub.com
Insight
Multiple flaws due to
- Improper handling of formatted text commands
- Improper validation of HTTP request with a long header parameter - Error within string handling
Affected
Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and
DataHub QuickTrend before 7.3.0
References
Severity
Classification
-
CVE CVE-2013-0680, CVE-2013-0681, CVE-2013-0682, CVE-2013-0683 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Avaya IP Office Manager TFTP Denial of Service Vulnerability
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Windows)
- EMC NetWorker 'nsrexecd' RPC Packet Denial of Service Vulnerability
- CiscoKits CCNA TFTP Server 'Write' Command Denial Of Service Vulnerability
- Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (Linux)