Vulnerability Description
Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 7T | Igss | All versions |
Related Weaknesses (CWE)
References
- http://aluigi.org/adv/igss_1-adv.txtExploit
- http://secunia.com/advisories/43849Vendor Advisory
- http://securityreason.com/securityalert/8178
- http://www.exploit-db.com/exploits/17024Exploit
- http://www.securityfocus.com/bid/46936Exploit
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdfUS Government Resource
- http://www.vupen.com/english/advisories/2011/0741Vendor Advisory
- http://aluigi.org/adv/igss_1-adv.txtExploit
- http://secunia.com/advisories/43849Vendor Advisory
- http://securityreason.com/securityalert/8178
- http://www.exploit-db.com/exploits/17024Exploit
- http://www.securityfocus.com/bid/46936Exploit
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdfUS Government Resource
- http://www.vupen.com/english/advisories/2011/0741Vendor Advisory
FAQ
What is CVE-2011-1565?
CVE-2011-1565 is a vulnerability with a CVSS score of 10.0 (HIGH). Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) cr...
How severe is CVE-2011-1565?
CVE-2011-1565 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1565?
Check the references section above for vendor advisories and patch information. Affected products include: 7T Igss.