{"vuid":"VU#979776","idnumber":"979776","name":"Ecava IntegraXor web service allows directory traversal outside of web root","keywords":["ecava","IntegraXor"],"overview":"Ecava IntegraXor contains a directory traversal vulnerability","clean_desc":"According to Ecava's website: IntegraXor is a suite of tools used to create and run a web-based HMI interface for a Supervisory Control and Data Acquisition (SCADA) system. Ecava IntegraXor runs a web service that listens on port 7131/tcp. The web service in this product is vulnerable to a directory traversal vulnerability. Public exploit code is available.","impact":"A remote attacker can access files outside of the web application or document root by supplying a crafted URL to a vulnerable system.","resolution":"Ecava has released a patch to mitigate the vulnerability and has notified its customer base of the availability of the patch.","workarounds":"Restrict Access: Enable firewall rules to restrict access for port 7131/tcp to only trusted sources.","sysaffected":"","thanks":"This vulnerability was publicly disclosed by \nLuigi Auriemma.","author":"This document was written by Michael Orlando.","public":["http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-10-355-01.pdf","http://www.exploit-db.com/exploits/15802/","http://www.integraxor.com/blog/integraxor-3-6-scada-security-issue-20101222-0323-vulnerability-note"],"cveids":["CVE-2010-4598"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2010-12-21T15:59:28Z","publicdate":"2010-12-21T00:00:00Z","datefirstpublished":"2011-01-11T13:26:21Z","dateupdated":"2011-01-12T18:01:25Z","revision":12,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"15","cam_population":"10","cam_impact":"8","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"18","cam_scorecurrentwidelyknown":"21","cam_scorecurrentwidelyknownexploited":"33","ipprotocol":"tcp","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":18.0,"vulnote":null}