CVE-2009-4463 Information

Description

Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product’s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords not default passwords.

Reference

http://blog.48bits.com/?p=781 http://reversemode.com/index.php?option=com_content&task=view&id=65&Itemid=1 http://support.intellicom.se/getfile.cfm?FID=151 http://www.kb.cert.org/vuls/id/902793 http://www.osvdb.org/61506 http://www.securityfocus.com/archive/1/508449/100/0/threaded