HTTP: Trihedral VTScada Network Request Handling Remote Integer Overflow Denial of Service

This signature detects attempts to exploit a known vulnerability against Trihedral VTScada. A successful exploit can lead to the denial of service.

Extended Description

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation.

Affected Products

Trihedral vtscada

References

CVE: CVE-2014-9192

Short Name
HTTP:SCADA-WEB-INTERFACE-DOS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2014-9192 Denial Handling Integer Network Overflow Remote Request Service Trihedral VTScada of
Release Date
02/02/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Trihedral

CVSS Score

5.0

Found a potential security threat?