Detections
Analytics
Ecava IntegraXor < 3.60.4081 Path Subversion Arbitrary DLL Injection Code Execution
critical Nessus Network Monitor Plugin ID 8403
Synopsis
A vulnerable version of Ecava IntegraXor has been detected.Description
Ecava IntegraXor versions prior to 3.60.4081 contain a flaw in the way dynamic-link libraries (DLLs) are loaded. IntegraXor uses a fixed path to look for specific DLLs, but this path could include directories that are not trusted or under user control. If a malicious DLL with the same name as a required DLL is located in the application's current working directory, the malicious DLL will be loaded. This allows an attacker to execute custom code that will run with the privilege of the program or user executing the program. This attack could be leveraged remotely by placing the malicious file or library on a network share or archive downloaded from a remote source.Solution
Upgrade to IntegraXor version 3.60.4081 or later.See Also
http://www.nessus.org/u?063b0edb
http://www.integraxor.com/blog/security-issue-dll-hijacking-vulnerability-note/
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-10-362-01
https://ics-cert.us-cert.gov/advisories/ICSA-11-147-01B
http://msdn.microsoft.com/en-us/library/ff919712(VS.85).aspx
Plugin Details
Severity: Critical
ID: 8403
Family: SCADA
Published: 9/25/2014
Updated: 3/6/2019
Nessus ID: 55026
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:ecava:integraxor
Patch Publication Date: 5/30/2011
Vulnerability Publication Date: 5/30/2011
Reference Information
CVE: CVE-2010-4599
BID: 45549