Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SCADA:3S-CODESYS-GWS-DIRTRVRSL

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 SCADA

Keywords

 3S CoDeSys Gateway Server Directory Traversal

Release Date

 2013/03/15

Update Number

 2246

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SCADA: 3S CoDeSys Gateway Server Directory Traversal


This signature detects attempts to exploit a known issue in 3S CoDeSys Gateway Server. Successful attack attempts could allow an attacker to view or overwrite sensitive system files.

Extended Description

Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.

Affected Products

  • 3s-software codesys_gateway-server 2.3.5.1
  • 3s-software codesys_gateway-server 2.3.5.2
  • 3s-software codesys_gateway-server 2.3.5.3
  • 3s-software codesys_gateway-server 2.3.6.0
  • 3s-software codesys_gateway-server 2.3.7.0
  • 3s-software codesys_gateway-server 2.3.8.0
  • 3s-software codesys_gateway-server 2.3.8.1
  • 3s-software codesys_gateway-server 2.3.8.2
  • 3s-software codesys_gateway-server 2.3.9
  • 3s-software codesys_gateway-server 2.3.9.1
  • 3s-software codesys_gateway-server 2.3.9.18
  • 3s-software codesys_gateway-server 2.3.9.19
  • 3s-software codesys_gateway-server 2.3.9.2
  • 3s-software codesys_gateway-server 2.3.9.3
  • 3s-software codesys_gateway-server 2.3.9.4
  • 3s-software codesys_gateway-server 2.3.9.5
  • 3s-software codesys_gateway-server up to 2.3.9.20

References

  • CVE: CVE-2012-4705

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out