Find a vulnerability
Search criteria
3 vulnerabilities found for netbiterconfig by intellicom
VAR-200912-0339
Vulnerability from variot - Updated: 2025-04-10 23:11Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. Successful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. NOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0339",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiterconfig",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "1.3.0"
},
{
"model": "netbiter config",
"scope": "lt",
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": "1.3.1 earlier"
},
{
"model": "innovation netbiter webscada ws200",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiter webscada ws100",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiterconfig.exe",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "1.3"
},
{
"model": "innovation netbiterconfig.exe",
"scope": "ne",
"trust": 0.3,
"vendor": "intellicom",
"version": "1.3.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intellicom:netbiterconfig",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
}
],
"trust": 0.6
},
"cve": "CVE-2009-4462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-4462",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41908",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-4462",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#181737",
"trust": 0.8,
"value": "0.48"
},
{
"author": "NVD",
"id": "CVE-2009-4462",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-401",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41908",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. \nSuccessful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. \nNOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom \u0027NetBiterConfig.exe\u0027 is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "VULHUB",
"id": "VHN-41908"
}
],
"trust": 3.69
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41908",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#181737",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2009-4462",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2009-3542",
"trust": 2.5
},
{
"db": "BID",
"id": "37325",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#902793",
"trust": 1.1
},
{
"db": "BID",
"id": "37328",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "61506",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20091214 EXPOSING HMS HICP PROTOCOL + INTELLICOM NETBITERCONFIG.EXE REMOTE BUFFER OVERFLOW (NOT PATCHED)",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "33403",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10451",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-86625",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-41908",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"id": "VAR-200912-0339",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:11:11.935000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ISFR-4404-0007",
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026itemid=1"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37325"
},
{
"trust": 1.6,
"url": "http://blog.48bits.com/?p=781"
},
{
"trust": 1.1,
"url": "http://support.intellicom.se/getfile.cfm?fid=151"
},
{
"trust": 1.1,
"url": "http://support.intellicom.se/news.cfm?nwid=33"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"trust": 1.0,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026fpid=85"
},
{
"trust": 0.8,
"url": "http://osvdb.com/show/osvdb/61506"
},
{
"trust": 0.8,
"url": "http://www.hms.se/products/prodindex.shtml"
},
{
"trust": 0.8,
"url": "http://www.anybus.com/products/abxsstech.shtml"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=150"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/37328"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4462"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu181737/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4462"
},
{
"trust": 0.6,
"url": "http://www.intellicom.se/"
},
{
"trust": 0.6,
"url": "/archive/1/508449"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/508449/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"trust": 0.3,
"url": "http://www.intellicom.se/webscada.cfm"
},
{
"trust": 0.1,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026amp;fpid=85"
},
{
"trust": 0.1,
"url": "http://reversemode.com/index.php?option=com_content\u0026amp;task=view\u0026amp;id=65\u0026amp;itemid=1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-06T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-24T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2009-12-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41908"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37328"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37325"
},
{
"date": "2010-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"date": "2009-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"date": "2009-12-30T20:00:01.157000",
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-29T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-26T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-41908"
},
{
"date": "2010-04-06T17:32:00",
"db": "BID",
"id": "37328"
},
{
"date": "2010-03-25T16:42:00",
"db": "BID",
"id": "37325"
},
{
"date": "2010-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-401"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IntelliCom NetBiter devices have default HICP passwords",
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
],
"trust": 0.6
}
}
CVE-2009-4462 (GCVE-0-2009-4462)
Vulnerability from nvd – Published: 2009-12-30 19:00 – Updated: 2024-08-07 07:01- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/181737 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/bid/37325 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/3542 | vdb-entryx_refsource_VUPEN |
| http://blog.48bits.com/2009/12/12/exposing-hms-hi… | x_refsource_MISC |
| http://reversemode.com/index.php?option=com_conte… | x_refsource_MISC |
| http://support.intellicom.se/getfile.cfm?FID=150&… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/508449/100… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#181737",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"name": "37325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37325"
},
{
"name": "ADV-2009-3542",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#181737",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"name": "37325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37325"
},
{
"name": "ADV-2009-3542",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#181737",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"name": "37325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37325"
},
{
"name": "ADV-2009-3542",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"name": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/",
"refsource": "MISC",
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"name": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1",
"refsource": "MISC",
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"name": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85",
"refsource": "CONFIRM",
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4462",
"datePublished": "2009-12-30T19:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4462 (GCVE-0-2009-4462)
Vulnerability from cvelistv5 – Published: 2009-12-30 19:00 – Updated: 2024-08-07 07:01- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/181737 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/bid/37325 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/3542 | vdb-entryx_refsource_VUPEN |
| http://blog.48bits.com/2009/12/12/exposing-hms-hi… | x_refsource_MISC |
| http://reversemode.com/index.php?option=com_conte… | x_refsource_MISC |
| http://support.intellicom.se/getfile.cfm?FID=150&… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/508449/100… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#181737",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"name": "37325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37325"
},
{
"name": "ADV-2009-3542",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#181737",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"name": "37325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37325"
},
{
"name": "ADV-2009-3542",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#181737",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"name": "37325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37325"
},
{
"name": "ADV-2009-3542",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"name": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/",
"refsource": "MISC",
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"name": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1",
"refsource": "MISC",
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"name": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85",
"refsource": "CONFIRM",
"url": "http://support.intellicom.se/getfile.cfm?FID=150\u0026FPID=85"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4462",
"datePublished": "2009-12-30T19:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}