Takebishi Electric DeviceXPlorer OPC Server Arbitrary Code Execution Vulnerability
BID:23037
Info
Takebishi Electric DeviceXPlorer OPC Server Arbitrary Code Execution Vulnerability
| Bugtraq ID: | 23037 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-1319 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 19 2007 12:00AM |
| Updated: | Mar 22 2007 08:13PM |
| Credit: | NeultralBit is credited with reporting this issue. |
| Vulnerable: |
TAKEBISHI Corporation DeviceXPlorer TOYOPUC OPC Server 0 TAKEBISHI Corporation DeviceXPlorer SYSMAC OPC Server 0 TAKEBISHI Corporation DeviceXPlorer OPC Server 3.12 Build2 TAKEBISHI Corporation DeviceXPlorer MODBUS OPC Server 0 TAKEBISHI Corporation DeviceXPlorer MELSEC OPC Server 0 TAKEBISHI Corporation DeviceXPlorer HIDIC OPC Server 0 TAKEBISHI Corporation DeviceXPlorer FA-M3 OPC Server 0 |
| Not Vulnerable: |
TAKEBISHI Corporation DeviceXPlorer OPC Server 3.12 Build3 |
Discussion
Takebishi Electric DeviceXPlorer OPC Server Arbitrary Code Execution Vulnerability
Takebishi Electric DeviceXPlorer is prone to a vulnerability that will allow remote attackers to execute arbitrary code on an affected computer.
Successful exploits will allow attacker-supplied arbitrary code to run in the context of the affected server. Failed exploit attempts will likely cause denial-of-service conditions.
Takebishi Electric DeviceXPlorer is prone to a vulnerability that will allow remote attackers to execute arbitrary code on an affected computer.
Successful exploits will allow attacker-supplied arbitrary code to run in the context of the affected server. Failed exploit attempts will likely cause denial-of-service conditions.
Exploit / POC
Takebishi Electric DeviceXPlorer OPC Server Arbitrary Code Execution Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Takebishi Electric DeviceXPlorer OPC Server Arbitrary Code Execution Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
References
Takebishi Electric DeviceXPlorer OPC Server Arbitrary Code Execution Vulnerability
References:
References:
The vulnerability of DeviceXPlorer OPC Server (TAKEBISHI Corporation)- Vendor Homepage (TAKEBISHI Corporation)
- Vulnerability Note VU#926551 (CERT)
- [NB07-07] Multiple vulnerabilities in Takebishi Electric DeviceXplorer HIDIC OPC (Lluis Mora)
- [NB07-08] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MELSEC OP (Lluis Mora)
- [NB07-09] Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC (Lluis Mora)
- [NB07-10] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MODBUS OP (Lluis Mora)
- [NB07-17] Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OP (Lluis Mora)