DNP3 Link Layer Brute Force Addressing Disclosure

medium Nessus Plugin ID 23808

Language:

Synopsis

It is possible to determine the link layer address of a DNP3 station by iterating through likely values.

Description

The DNP3 protocol is a multi-layer protocol that begins with a link layer connection. The DNP3 link layer address is required to establish a link layer connection. The DNP3 link layer address for the host was easily guessed, and a valid DNP3 link layer connection was established.

If a link layer connection is successful, additional Read/Write operations to compromise the integrity process control data may be possible.

Solution

Select more complex link layer addresses or filter access to TCP port 20000.

Plugin Details

Severity: Medium

ID: 23808

File Name: scada_dnp3_guess_linkaddr.nbin

Version: 1.76

Type: remote

Family: SCADA

Published: 12/11/2006

Updated: 7/17/2024

Supported Sensors: Nessus

Detections

Analytics