CVE-2011-3492

Azeotech DAQFactory <5.85.1853 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17855

View Code ZIP pw:eip

exploitdb WORKING POC

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/17841

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by Luigi Auriemma · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/daq_factory_bof.rb

View Code ZIP pw:eip

References (5)

[Exploit] http://aluigi.altervista.org/adv/daqfactory_1-adv.txt

[Third Party Advisory, VDB Entry] http://osvdb.org/75496

[Exploit] http://www.exploit-db.com/exploits/17855

[US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-02.pdf

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/69764

Scores

EPSS 0.7830

EPSS Percentile 99.0%

Details

CWE

CWE-119

Status published

Products (49)

azeotech/daqfactory 3.0

azeotech/daqfactory 3.03

azeotech/daqfactory 3.5

azeotech/daqfactory 3.05

azeotech/daqfactory 3.09

azeotech/daqfactory 3.10

azeotech/daqfactory 3.11

azeotech/daqfactory 3.51

azeotech/daqfactory 3.52

azeotech/daqfactory 3.53

... and 39 more

Published Sep 16, 2011

Tracked Since Feb 18, 2026