Vulnerability Description
Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Automated Solutions | Modbus/TCP Master OPC Server | <= 3.0.1 |
Related Weaknesses (CWE)
References
- http://automatedsolutions.com/pub/asmbtcpopc/readme.htm
- http://secunia.com/advisories/43029 (Vendor Advisory)
- http://www.exploit-db.com/exploits/16040 (Exploit)
- http://www.kb.cert.org/vuls/id/768840 (US Government Resource)
- http://www.securityfocus.com/bid/45974 (Exploit)
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-322-02A.pdf
- http://www.vupen.com/english/advisories/2011/0209 (Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64944
FAQ
What is CVE-2010-4709?
CVE-2010-4709 is a vulnerability with a CVSS score of 7.6 (HIGH). Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBU...
How severe is CVE-2010-4709?
CVE-2010-4709 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2010-4709?
Check the references section above for vendor advisories and patch information. Affected products include: Automated Solutions Modbus/TCP Master OPC Server.