CVE-2011-2963

TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.
Configurations

Configuration 1 (hide)

cpe:2.3:a:progea:movicon:11.2:*:*:*:*:*:*:*

History

21 Nov 2024, 01:29

Type Values Removed Values Added
References () http://www.exploit-db.com/exploits/17034 - Exploit () http://www.exploit-db.com/exploits/17034 - Exploit
References () http://www.osvdb.org/72888 - () http://www.osvdb.org/72888 -
References () http://www.securityfocus.com/bid/46907 - Exploit () http://www.securityfocus.com/bid/46907 - Exploit
References () http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf - Patch, US Government Resource () http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf - Patch, US Government Resource
References () http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf - Patch, US Government Resource () http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf - Patch, US Government Resource

Information

Published : 2011-07-29 19:55

Updated : 2024-11-21 01:29


NVD link : CVE-2011-2963

Mitre link : CVE-2011-2963

CVE.ORG link : CVE-2011-2963


JSON object : View

Products Affected

progea

  • movicon
CWE
CWE-287

Improper Authentication