VAR-200912-0339
Vulnerability from variot - Updated: 2023-12-18 13:53Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. Successful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. NOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0339",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiterconfig",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "1.3.0"
},
{
"model": "netbiter config",
"scope": "lt",
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": "1.3.1 earlier"
},
{
"model": "innovation netbiter webscada ws200",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiter webscada ws100",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiterconfig.exe",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "1.3"
},
{
"model": "innovation netbiterconfig.exe",
"scope": "ne",
"trust": 0.3,
"vendor": "intellicom",
"version": "1.3.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intellicom:netbiterconfig:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
}
],
"trust": 0.6
},
"cve": "CVE-2009-4462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-4462",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41908",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-4462",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#181737",
"trust": 0.8,
"value": "0.48"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-401",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41908",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. \nSuccessful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. \nNOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom \u0027NetBiterConfig.exe\u0027 is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "VULHUB",
"id": "VHN-41908"
}
],
"trust": 3.69
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41908",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#181737",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2009-4462",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2009-3542",
"trust": 2.5
},
{
"db": "BID",
"id": "37325",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#902793",
"trust": 1.1
},
{
"db": "BID",
"id": "37328",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "61506",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20091214 EXPOSING HMS HICP PROTOCOL + INTELLICOM NETBITERCONFIG.EXE REMOTE BUFFER OVERFLOW (NOT PATCHED)",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "33403",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10451",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-86625",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-41908",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"id": "VAR-200912-0339",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:42.698000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ISFR-4404-0007",
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026fpid=85"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026itemid=1"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37325"
},
{
"trust": 1.6,
"url": "http://blog.48bits.com/?p=781"
},
{
"trust": 1.1,
"url": "http://support.intellicom.se/getfile.cfm?fid=151"
},
{
"trust": 1.1,
"url": "http://support.intellicom.se/news.cfm?nwid=33"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"trust": 1.0,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026fpid=85"
},
{
"trust": 0.8,
"url": "http://osvdb.com/show/osvdb/61506"
},
{
"trust": 0.8,
"url": "http://www.hms.se/products/prodindex.shtml"
},
{
"trust": 0.8,
"url": "http://www.anybus.com/products/abxsstech.shtml"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=150"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/37328"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4462"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu181737/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4462"
},
{
"trust": 0.6,
"url": "http://www.intellicom.se/"
},
{
"trust": 0.6,
"url": "/archive/1/508449"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/508449/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"trust": 0.3,
"url": "http://www.intellicom.se/webscada.cfm"
},
{
"trust": 0.1,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026amp;fpid=85"
},
{
"trust": 0.1,
"url": "http://reversemode.com/index.php?option=com_content\u0026amp;task=view\u0026amp;id=65\u0026amp;itemid=1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-06T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-24T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2009-12-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41908"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37328"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37325"
},
{
"date": "2010-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"date": "2009-12-30T20:00:01.157000",
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"date": "2009-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-29T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-26T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-41908"
},
{
"date": "2010-04-06T17:32:00",
"db": "BID",
"id": "37328"
},
{
"date": "2010-03-25T16:42:00",
"db": "BID",
"id": "37325"
},
{
"date": "2010-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"date": "2018-10-10T19:49:12.573000",
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IntelliCom NetBiter devices have default HICP passwords",
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…