Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2009-AVI-052
Vulnerability from certfr_avis - Published: 2009-02-05 - Updated: 2009-02-05
De multiples vulnérabilités ont été découvertes dans le système de gestion d'énergie e-terraplatform d'AREVA. L'exploitation de ces vulnérabilités permet de réaliser, entre autre, une exécution de code arbitraire à distance ou un déni de service à distance.
Description
Cinq vulnérabilités ont été découvertes dans le système de gestion d'énergie e-terraplatform d'AREVA :
- la première permet d'exécuter du code arbitraire à distance via un dépassement de mémoire ;
- trois autres vulnérabilités présentes au niveau des applications WebFGServer et NETIO permettent de réaliser un déni de service à distance ;
- la dernière vulnérabilité située au niveau de l'application WebFGServer permet à un utilisateur malveillant d'élever ses privilèges.
Solution
Contacter le support de l'application afin d'obtenir la mise à jour e-terrahabitat_560_P20081030_SEC.patch.
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AREVA e-terrahabitat version 5.7 et versions ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nCinq vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me de gestion\nd\u0027\u00e9nergie e-terraplatform d\u0027AREVA :\n\n- la premi\u00e8re permet d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance via un\n d\u00e9passement de m\u00e9moire ;\n- trois autres vuln\u00e9rabilit\u00e9s pr\u00e9sentes au niveau des applications\n WebFGServer et NETIO permettent de r\u00e9aliser un d\u00e9ni de service \u00e0\n distance ;\n- la derni\u00e8re vuln\u00e9rabilit\u00e9 situ\u00e9e au niveau de l\u0027application\n WebFGServer permet \u00e0 un utilisateur malveillant d\u0027\u00e9lever ses\n privil\u00e8ges.\n\n## Solution\n\nContacter le support de l\u0027application afin d\u0027obtenir la mise \u00e0 jour\ne-terrahabitat_560_P20081030_SEC.patch.\n",
"cves": [
{
"name": "CVE-2009-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0210"
},
{
"name": "CVE-2009-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0211"
},
{
"name": "CVE-2009-0212",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0212"
},
{
"name": "CVE-2009-0214",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0214"
},
{
"name": "CVE-2009-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0213"
}
],
"initial_release_date": "2009-02-05T00:00:00",
"last_revision_date": "2009-02-05T00:00:00",
"links": [
{
"title": "Site de l\u0027\u00e9diteur :",
"url": "http://www.areva.com"
},
{
"title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT VU#337569 du 05 f\u00e9vrier 2009 :",
"url": "http://www.kb.cert.org/vuls/id/337569"
}
],
"reference": "CERTA-2009-AVI-052",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-02-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me de\ngestion d\u0027\u00e9nergie e-terraplatform d\u0027AREVA. L\u0027exploitation de ces\nvuln\u00e9rabilit\u00e9s permet de r\u00e9aliser, entre autre, une ex\u00e9cution de code\narbitraire \u00e0 distance ou un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s du syst\u00e8me SCADA e-terrahabitat d\u0027AREVA",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 de l\u0027US-CERT num\u00e9ro VU#337569 du 05 f\u00e9vrier 2009",
"url": null
}
]
}
CVE-2009-0211 (GCVE-0-2009-0211)
Vulnerability from cvelistv5 – Published: 2009-02-08 22:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32018.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32018."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32018."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"name": "http://www.scada-security.com/vulnerabilities/areva1.html",
"refsource": "MISC",
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0211",
"datePublished": "2009-02-08T22:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0212 (GCVE-0-2009-0212)
Vulnerability from cvelistv5 – Published: 2009-02-08 22:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32020.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32020."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32020."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"name": "http://www.scada-security.com/vulnerabilities/areva1.html",
"refsource": "MISC",
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0212",
"datePublished": "2009-02-08T22:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0210 (GCVE-0-2009-0210)
Vulnerability from cvelistv5 – Published: 2009-02-08 22:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service (system crash) via unspecified vectors, aka PD28578.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service (system crash) via unspecified vectors, aka PD28578."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service (system crash) via unspecified vectors, aka PD28578."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"name": "http://www.scada-security.com/vulnerabilities/areva1.html",
"refsource": "MISC",
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0210",
"datePublished": "2009-02-08T22:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0213 (GCVE-0-2009-0213)
Vulnerability from cvelistv5 – Published: 2009-02-08 22:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"name": "http://www.scada-security.com/vulnerabilities/areva1.html",
"refsource": "MISC",
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0213",
"datePublished": "2009-02-08T22:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0214 (GCVE-0-2009-0214)
Vulnerability from cvelistv5 – Published: 2009-02-08 22:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote authenticated users to gain privileges via unknown vectors, aka PD32022.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote authenticated users to gain privileges via unknown vectors, aka PD32022."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote authenticated users to gain privileges via unknown vectors, aka PD32022."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090205 C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded"
},
{
"name": "33837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33837"
},
{
"name": "33637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33637"
},
{
"name": "VU#337569",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/337569"
},
{
"name": "http://www.scada-security.com/vulnerabilities/areva1.html",
"refsource": "MISC",
"url": "http://www.scada-security.com/vulnerabilities/areva1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0214",
"datePublished": "2009-02-08T22:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…