MatrikonOPC A&E Historian Health Monitor Service Arbitrary

by Carol~ Moderator - 4/30/13 12:50 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2013 by Carol~ Moderator

MatrikonOPC A&E Historian Health Monitor Service Arbitrary File Disclosure Vulnerability

Release Date : 2013-04-30

Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From local network
Solution Status: Vendor Patch

Software: MatrikonOPC A&E Historian 1.x

Description:
A vulnerability has been reported in MatrikonOPC A&E Historian, which can be exploited by malicious people to disclose certain sensitive information.

Certain input related to the Health Monitor service is not properly sanitised before being used to display files. This can be exploited to disclose contents of arbitrary files via directory traversal sequences by sending a specially crafted request to TCP port 8543.

The vulnerability is reported in version 1.0.0.0.

Solution:
Apply security patch.

Provided and/or discovered by:
The vendor credits Dillon Beresford, Cimation via ICS-CERT.

Original Advisory:
ICS-CERT:
http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01

http://secunia.com/advisories/53245/