CVSS: 7.6EPSS: 82%CPEs: 3EXPL: 2CVE-2008-2639 – CitectSCADA ODBC Server - Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2639
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222. Desbordamiento de búfer basado en pila en el servicio del servidor ODBC en CitectSCADA 6 y 7 y CitectFacilities 7, permite a atacantes remotos ejecutar código arbitrario mediante una cadena larga en el segundo paquete de aplicación en una sesión TCP en el puerto 20222. • https://www.exploit-db.com/exploits/6387 https://www.exploit-db.com/exploits/16380 http://isc.sans.org/diary.html?storyid=4556 http://secunia.com/advisories/30638 http://securityreason.com/securityalert/3944 http://securitytracker.com/id?1020241 http://www.coresecurity.com/?action=item&id=2186 http://www.kb.cert.org/vuls/id/476345 http://www.kb.cert.org/vuls/id/CTAR-7ENQNH http://www.securityfocus.com/archive/1/493272/100/0/threaded http://www.securityfocus.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •