CVE-2015-7937

Sažetak

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.

Reference

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01
http://www.securityfocus.com/bid/79622
https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

28-11-2016 - 19:45

Objavljeno

21-12-2015 - 11:59