IOServer XML Server URI Directory Traversal Arbitrary File Access

medium Nessus Plugin ID 62965

Synopsis

The remote host is affected by a directory traversal vulnerability, resulting in potential arbitrary file access.

Description

The remote host has a version of IOServer installed that is affected a directory traversal vulnerability in the XML server component. By sending a specially crafted GET request with a directory traversal URI to the server, it is possible to access the contents of arbitrary files on the remote host.

Note that this vulnerability only affects servers where the 'Root Directory' configuration value does not contain a trailing backslash.

Solution

Upgrade to IOServer 10.0.19.0 or later.

Plugin Details

Severity: Medium

ID: 62965

File Name: scada_ioserver_xml_server_directory_traversal.nbin

Version: 1.136

Type: remote

Family: SCADA

Published: 11/19/2012

Updated: 11/12/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.5

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2012-4680

Vulnerability Information

CPE: cpe:/h:ioserver:ioserver

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/20/2012

Vulnerability Publication Date: 8/17/2012

Reference Information

CVE: CVE-2012-4680

BID: 55093

ICSA: 12-258-01