3ssoftware CoDeSys 3.4 Control Service CmpWebServer.dll null pointer dereference
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
A vulnerability was found in 3ssoftware CoDeSys 3.4. It has been classified as problematic. This affects an unknown part in the library CmpWebServer.dll of the component Control Service. The manipulation with an unknown input leads to a null pointer dereference vulnerability. CWE is classifying the issue as CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. This is going to have an impact on availability. The summary by CVE is:
The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request method.
The weakness was released 12/24/2011 by Luigi Auriemma (Website). It is possible to read the advisory at us-cert.gov. This vulnerability is uniquely identified as CVE-2011-5009 since 12/24/2011. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details of the vulnerability are known, but there is no available exploit.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
The vulnerability is also documented in the vulnerability database at X-Force (71533). Entries connected to this vulnerability are available at 59909, 59810 and 59809.
Product
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.3
VulDB Temp Score: 5.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Null pointer dereferenceCWE: CWE-476 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
OpenVAS ID: 802280
OpenVAS Name: 3S CoDeSys CmpWebServer Multiple Vulnerabilities
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Fortigate IPS: 🔍
Timeline
11/29/2011 🔍11/30/2011 🔍
12/01/2011 🔍
12/20/2011 🔍
12/24/2011 🔍
12/24/2011 🔍
12/24/2011 🔍
03/23/2015 🔍
04/09/2017 🔍
Sources
Advisory: us-cert.govResearcher: Luigi Auriemma
Status: Not defined
CVE: CVE-2011-5009 (🔍)
X-Force: 71533
Vulnerability Center: 34084 - 3S CoDeSys 3.4 SP4 Patch 2 CmpWebServer Null-Pointer Dereference Vulnerabilities Allow DoS, High
SecurityFocus: 50854 - CoDeSys Multiple Remote Denial of Service Vulnerabilities
Secunia: 47018 - CoDeSys Multiple Vulnerabilities, Moderately Critical
OSVDB: 77388
See also: 🔍
Entry
Created: 03/23/2015 16:50Updated: 04/09/2017 13:00
Changes: 03/23/2015 16:50 (58), 04/09/2017 13:00 (12)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.