CVE-2013-0680
Published: 2013-04-05
Priority P357 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 19.26% (97.0th percentile)
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cogentdatahub | cascade_datahub | <= 6.4.21 | — |
| cogentdatahub | cascade_datahub | — | — |
| cogentdatahub | cogent_datahub | <= 7.2.2 | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | cogent_datahub | — | — |
| cogentdatahub | datahub_quicktrend | <= 7.2.2 | — |
| cogentdatahub | opc_datahub | <= 6.4.21 | — |
| cogentdatahub | opc_datahub | — | — |
Detection & IOCs (extracted from sources)
- Detect anomalously long HTTP header values in requests to the Cogent DataHub web server on ports 80/TCP and 443/TCP; a stack-based buffer overflow is triggered by an unusually long HTTP header parameter.
- The vulnerable code path involves a dangerous use of strncpy() while handling HTTP headers; look for oversized HTTP header fields in traffic destined for the Cogent DataHub HTTP server.
- Monitor for exploitation attempts against Cogent DataHub 7.3.0 (Demo) on Windows XP SP3, as this is the confirmed tested environment for the Metasploit module.
- The DataHub web server can be disabled entirely if not in use; if disabled, the HTTP-based attack surface for CVE-2013-0680 is eliminated.
- Ports 80/TCP (and 443/TCP) should be blocked at the firewall if internet-facing access to the DataHub is not required, limiting exploitation to local network attackers only.
- A public Metasploit exploit module exists for this vulnerability (cogent_datahub_request_headers_bof.rb), contradicting the CISA advisory's claim of no known public exploits at time of original publication.
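A minimal sketch of the header-length check described in the list above, as an added example (not code from the advisory, the vendor or this page's sources). The 1024-byte limit, the flow record layout, the header name and the sample requests are constructed assumptions, and traffic on 443/TCP has to be decrypted before it can be inspected this way.

```python
MAX_HEADER_VALUE = 1024    # assumed limit; tune against a baseline of legitimate traffic
DATAHUB_PORTS = {80, 443}  # web server ports named in the guidance above


def oversized_headers(raw_request: bytes, limit: int = MAX_HEADER_VALUE):
    """Return [(header_name, value_length)] for header values longer than limit."""
    # Inspect only the header section; a capture cut off before the blank
    # line is still scanned in full.
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    findings = []
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if not sep:
            # No colon at all: treat the whole line as the suspicious value.
            name, value = b"<malformed>", line
        value = value.strip()
        if len(value) > limit:
            findings.append((name.decode("latin-1"), len(value)))
    return findings


def triage(flows, limit: int = MAX_HEADER_VALUE):
    """Alert on oversized header values sent to the monitored ports."""
    alerts = []
    for flow in flows:
        if flow["dst_port"] not in DATAHUB_PORTS:
            continue
        for name, length in oversized_headers(flow["payload"], limit):
            alerts.append({"src": flow["src"], "dst_port": flow["dst_port"],
                           "header": name, "length": length})
    return alerts


# Constructed sample flows (documentation addresses, filler bytes only).
NORMAL = b"GET /index.html HTTP/1.1\r\nHost: datahub.example\r\nAccept: */*\r\n\r\n"
LONG = (b"GET / HTTP/1.1\r\nHost: datahub.example\r\nX-Constructed: "
        + b"x" * 4000 + b"\r\n\r\n")
SAMPLE_FLOWS = [
    {"src": "192.0.2.10", "dst_port": 80, "payload": NORMAL},
    {"src": "192.0.2.66", "dst_port": 80, "payload": LONG},
    {"src": "192.0.2.66", "dst_port": 8080, "payload": LONG},  # not a monitored port
]

if __name__ == "__main__":
    for alert in triage(SAMPLE_FLOWS):
        print(alert)
```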
GHSA
GHSA-qx4c-vrr4-xjc6 (ghsa_unreviewed · 2022-05-17)
CVE-2013-0680 [HIGH] CWE-119
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header.
CISA ICS
Cogent Real-Time Systems Vulnerabilities
cisa_ics·2014-02-13
ICS Advisory
Last Revised: February 13, 2014
Alert Code: ICSA-13-095-01
## Overview
Dillon Beresford of Cimation has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely.
## Affected Products
Cogent Real-Time Systems reports that these vulnerabilities affect the following versions:
- Cogent DataHub Version 7.2.2 and earlier,
- OPC DataHub Version 6.4.21 and earlier,
- Cascade DataHub for Windows Version
Published: 2013-04-05