[VIM] OPTIMA PLC Multiple Denial of Service Vulnerabilities

venkat venkat_kantha at securityfocus.com
Mon Oct 1 17:17:50 CDT 2012

Hey George,

Both BIDs are covering similar issues, however we couldn't conclude that 
both are exactly same issues.

BID 50658 was written for this CERT advisory: 
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-332-03.pdf and 
BID 55712 for this advisory: 
http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-02.pdf. If both 
these advisories were discussing about the same vulnerabilities, then 
ideally they should get the 2011 CVEs as these vulnerabilities were 
first disclosed in 2011, which is not the case.

Maybe someone from CERT can clear this confusion better.


On 27/09/12 23:56, George A. Theall wrote:
> Venkat or Rob, can you explain what the differences are between the newly issued BID 55712 and 50658, from last year? Both concern null pointer and endless loop vulnerabilities in Optima APIFTP Server discovered by Luigi Auriemma.
> George

More information about the VIM mailing list