CVE-2019-16265
https://notcve.org/view.php?id=CVE-2019-16265
CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. El servidor CODESYS V2.3 ENI hasta la versión V3.2.2.24, presenta un desbordamiento de búfer. • https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-09_LCDS-319.pdf https://www.codesys.com • CWE-787: Out-of-bounds Write •
CVE-2019-13538
https://notcve.org/view.php?id=CVE-2019-13538
3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source libraries, but 3S-Smart Software Solutions GmbH strongly recommends distributing compiled libraries only. 3S-Smart Software Solutions GmbH CODESYS versión V3 Library Manager, todas las versiones anteriores a la 3.5.16.0, permite que el sistema despliegue el contenido de la biblioteca activa sin comprobar su validez, lo que puede permitir que el contenido de las bibliotecas manipuladas sea mostrado o ejecutado. El problema también existe para las bibliotecas de fuente, pero 3S-Smart Software Solutions GmbH recomienda encarecidamente distribuir sólo las bibliotecas compiladas. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12940&token=7723e5ed99830656f487e218e73dce2de751102f https://www.us-cert.gov/ics/advisories/icsa-19-255-02 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-5058
https://notcve.org/view.php?id=CVE-2011-5058
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory using \ (backslash) characters in an HTTP GET request. El módulo CmbWebserver.dll del servicio de control de 3S CoDeSys v3.4 SP4 Patch 2 permite a atacantes remotos crear en la raíz web mediante la especificación de un directorio inexistente utilizando caracteres \ (barra invertida) en una petición HTTP GET. • http://aluigi.altervista.org/adv/codesys_1-adv.txt http://secunia.com/advisories/47018 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-336-01A.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/72339 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-5009 – CoDeSys 3.4 - Null Pointer Invalid HTTP Request Parsing Remote Denial of Service
https://notcve.org/view.php?id=CVE-2011-5009
The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request method. El módulo CmpWebServer.dll en el servicio de Control en 3S CoDeSys v3.4 SP4 Patch 2 permite a atacantes remotos causar una denegación de servicio (NULL pointer dereference) mediante (1) un Content-Length manipulado en un HTTP POST o (2) un método de solicitud HTTP inválido. • https://www.exploit-db.com/exploits/36378 https://www.exploit-db.com/exploits/36377 http://aluigi.altervista.org/adv/codesys_1-adv.txt http://seclists.org/bugtraq/2011/Nov/178 http://secunia.com/advisories/47018 http://www.osvdb.org/77388 http://www.osvdb.org/77389 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-336-01A.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71533 •
CVE-2011-5008
https://notcve.org/view.php?id=CVE-2011-5008
Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to execute arbitrary code via a large size value in the packet header, which triggers a heap-based buffer overflow. Desbordamiento de entero en el componente GatewayService en 3S CoDeSys v3.4 Parche 2 SP4 permite a atacantes remotos ejecutar código arbitrario mediante un valor de gran tamaño en la cabecera del paquete, lo que provoca un desbordamiento de búfer basado en heap (montón). • http://aluigi.altervista.org/adv/codesys_1-adv.txt http://seclists.org/bugtraq/2011/Nov/178 http://secunia.com/advisories/47018 http://www.osvdb.org/77386 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-336-01A.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71531 • CWE-189: Numeric Errors •