CVE-2011-3495

Sažetak

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.

Reference

http://aluigi.altervista.org/adv/scadapro_1-adv.txt
http://securityreason.com/securityalert/8382
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

14-02-2012 - 04:08

Objavljeno

16-09-2011 - 17:26