Signature Detail

HTTP: Trihedral VTScada Network Request Handling Remote Integer Overflow Denial of Service

This signature detects attempts to exploit a known vulnerability against Trihedral VTScada. A successful exploit can lead to the denial of service.

Extended Description

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation.

Affected Products

• Trihedral vtscada 10.0
• Trihedral vtscada 10.0.11
• Trihedral vtscada 10.0.13
• Trihedral vtscada 10.0.14
• Trihedral vtscada 10.0.16
• Trihedral vtscada 10.0.17
• Trihedral vtscada 10.1
• Trihedral vtscada 10.1.05
• Trihedral vtscada 10.1.06
• Trihedral vtscada 10.1.07
• Trihedral vtscada 10.1.12
• Trihedral vtscada 10.2
• Trihedral vtscada 10.2.05
• Trihedral vtscada 10.2.07
• Trihedral vtscada 10.2.08
• Trihedral vtscada 10.2.11
• Trihedral vtscada 10.2.13
• Trihedral vtscada 10.2.14
• Trihedral vtscada 10.2.15
• Trihedral vtscada 10.2.17
• Trihedral vtscada 10.2.19
• Trihedral vtscada 10.2.20
• Trihedral vtscada 10.2.21
• Trihedral vtscada 11.0
• Trihedral vtscada 11.0.05
• Trihedral vtscada 11.0.07
• Trihedral vtscada 11.1
• Trihedral vtscada 11.1.05
• Trihedral vtscada 11.1.06
• Trihedral vtscada 6.5
• Trihedral vtscada 7.1.11
• Trihedral vtscada 8.0.05
• Trihedral vtscada 8.0.12
• Trihedral vtscada 8.0.16
• Trihedral vtscada 8.0.18
• Trihedral vtscada 8.1.05
• Trihedral vtscada 8.1.06
• Trihedral vtscada 9.0
• Trihedral vtscada 9.0.02
• Trihedral vtscada 9.0.03
• Trihedral vtscada 9.0.08
• Trihedral vtscada 9.1.02
• Trihedral vtscada 9.1.03
• Trihedral vtscada 9.1.05
• Trihedral vtscada 9.1.09
• Trihedral vtscada 9.1.11
• Trihedral vtscada 9.1.14
• Trihedral vtscada 9.1.14.01
• Trihedral vtscada 9.1.19

References

• CVE: CVE-2014-9192