Test Kennung:	1.3.6.1.4.1.25623.1.0.802635
Kategorie:	Denial of Service
Titel:	xArrow Multiple Denial of Service Vulnerabilities
Zusammenfassung:	xArrow is prone to multiple denial of service vulnerabilities.
Beschreibung:	Summary: xArrow is prone to multiple denial of service vulnerabilities. Vulnerability Insight: - A NULL-pointer dereference error in SCADA.exe due to missing validation when allocating memory can be exploited to cause a crash via a specially crafted packet sent to TCP port 1975. - An error in SCADA.exe when allocating memory to process certain packets can be exploited to cause limited memory corruption and crash the service via a specially crafted packet sent to TCP port 1975. - An integer overflow error in SCADA.exe when processing certain packets can be exploited to cause a crash via a specially crafted datagram sent to UDP port 1974. - An error in SCADA.exe when processing certain packets can be exploited to cause a crash via a specially crafted datagram sent to UDP port 1974. Vulnerability Impact: Successful exploitation may allow remote attackers to execute arbitrary code or cause the application to crash. Affected Software/OS: xArrow versions before 3.4.1 Solution: Upgrade to xArrow version 3.4.1 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2426 http://www.us-cert.gov/control_systems/pdf/ICSA-12-145-02.pdf Common Vulnerability Exposure (CVE) ID: CVE-2012-2427 Common Vulnerability Exposure (CVE) ID: CVE-2012-2428 Common Vulnerability Exposure (CVE) ID: CVE-2012-2429
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.