
1571 matches found

ThreatPost
added 2012/01/20 5:17 p.m., 9 views

Reading material

Stuxnet expert and industry gadfly Ralph Langner was in attendance at S4 this year, as he has been in past years. This year, however, Langner had a new book to promote: Robust Control System Networks – a kind of call to arms for the industrial control sector to respond to a ‘post Stuxnet’ world...

AI score: 3.4
Exploits: 0
ICS
added 2011/12/11 7:0 a.m., 19 views

Samsung Data Management Server (Update B)

Overview: This updated website posting provides new information regarding Samsung’s process for acquiring the updated software to mitigate the reported vulnerability. José A. Guasch, http://www.SecurityByDefault.com reported a SQL injection vulnerability in the Samsung Data Management Server DMS...

CVSS: 7.5, AI score: 8.2, EPSS: 0.01779
Exploits: 0, References: 10
Packet Storm
added 2011/12/01 12:0 a.m., 41 views

CoDeSys 2.3 Buffer Overflow

CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP SP1 EN THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY! --snip-- root@bt: ./codesys 192.168.1.36 CoDeSys v2.3...

AI score: 0.8
Exploits: 0
exploitpack
added 2011/12/01 12:0 a.m., 33 views

CoDeSys SCADA 2.3 - Remote Buffer Overflow

CoDeSys SCADA 2.3 - Remote Buffer Overflow / See Also: http://aluigi.altervista.org/adv/codesys1-adv.txt CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP S...

AI score: 1
Exploits: 0
0day.today
added 2011/12/01 12:0 a.m., 41 views

CoDeSys SCADA v2.3 Remote Exploit

Exploit for windows platform in category remote exploits / CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP SP1 EN THIS CODE IS FOR EDUCATIONAL PURPOSES...

AI score: 7.1
Exploits: 0
Exploit DB
added 2011/12/01 12:0 a.m., 66 views

CoDeSys SCADA 2.3 - Remote Buffer Overflow

See Also: http://aluigi.altervista.org/adv/codesys1-adv.txt CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP SP1 EN THIS CODE IS FOR EDUCATIONAL PURPOSES...

AI score: 7.4
Exploits: 0
The Hacker News
added 2011/11/20 5:43 a.m., 3 views

Hackers destroyed a pump used by a US water utility

Hackers destroyed a pump used by a US water utility after gaining unauthorized access to the industrial control system it used to operate its machinery. Five computer screenshots posted early Friday purport to show the user interface used to...

AI score: 7.2
Exploits: 0
The Hacker News
added 2011/11/20 5:43 a.m., 8 views

Hackers destroyed a pump used by a US water utility

Hackers destroyed a pump used by a US water utility after gaining unauthorized access to the industrial control system it used to operate its machinery. Five computer screenshots posted early Friday purport to show the user interface used to...

AI score: 6.9
Exploits: 0
ThreatPost
added 2011/09/26 7:30 p.m., 14 views

DHS Thinks Some SCADA Problems Are Too Big To Call "Bug"

The Stuxnet worm may be the most famous piece of malicious software ever written. When it was first detected, a little over a year ago, the worm sounded a warning to nations around the world that critical infrastructure systems were potential targets of attack for foreign governments and cyber...

Exploits: 0, References: 6
ICS
added 2011/09/23 6:0 a.m., 43 views

WellinTech KingView History Server Buffer Overflow

Overview ICS-CERT has received a report from the Zero Day Initiative ZDI concerning a heap-based buffer overflow vulnerability in WellinTech’s Kingview HistoryServer.exe, which may allow a remote, unauthenticated attacker to execute arbitrary code. This vulnerability was reported to ZDI by...

CVSS: 10, AI score: 7.7, EPSS: 0.08635
Exploits: 0, References: 10
ThreatPost
added 2011/09/01 12:55 a.m., 16 views

Kernel.org Linux Site Compromised

Attackers have compromised a number of servers at kernel.org that house the Linux kernel source code and were able to modify a number of files and log user activity on the machines. However, it appears right now as though the Linux source code repositories were not affected by the attack. A messa...

AI score: 0.9
Exploits: 0, References: 6
securityvulns
added 2011/08/30 12:0 a.m., 138 views

Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability. Advisory ID: cisco-sa-20110830-apache. Revision 1.0. For Public Release 2011 August 30 1600 UTC GMT. Summary: The Apache HTTPd server contains a denial of service...

CVSS: 7.8, AI score: 0.6, EPSS: 0.98945
Exploits: 17
ICS
added 2011/08/13 6:0 a.m., 51 views

Safenet Sentinel and 7-T Input Sanitization Vulnerability

Overview ICS-CERT originally released advisory ICSA-11-314-01P on the US-CERT secure portal on November 14, 2011. This web page release was delayed to allow users time to download and install the update. Security researcher Carlos Mario Penagos Hollman of Synapse-labs has identified an input...

CVSS: 4.3, AI score: 6.1, EPSS: 0.01457
Exploits: 0, References: 10
ICS
added 2011/07/24 6:0 a.m., 23 views

Progea Movicon Power HMI Vulnerabilities

Overview This advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-01 – Progea Movicon PowerHMI Vulnerabilities” that was published September 13, 2011, on the ICS-CERT web page. Two buffer overflow and one memory corruption vulnerability were disclosed affecting the Progea Movicon’s...

CVSS: 10, AI score: 8.6, EPSS: 0.17028
Exploits: 3, References: 10
ICS
added 2011/07/09 6:0 a.m., 89 views

Beckhoff TwinCAT Read Access Violation

Overview This Advisory is a follow-up to the Alert, ICS-ALERT-11-256-06—BECKHOFF TWINCAT READ ACCESS VIOLATION, that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team ICS-CERT web page. ICS-CERT is aware of a public report of a read access violation...

CVSS: 5, AI score: 6, EPSS: 0.50556
Exploits: 3, References: 10
seebug.org
added 2011/07/07 12:0 a.m., 34 views

Subversion "mod_dav_svn" Multiple Denial of Service and Information Disclosure Vulnerabilities

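BUGTRAQ ID: 48091 CVE ID: CVE-2011-1752,CVE-2011-1783,CVE-2011-1921,CVE-2011-1921 Subversion is a free, open-source version control system. Subversion's implementation of mod_dav_svn contains multiple denial-of-service and information disclosure vulnerabilities; remote attackers can exploit them to crash the application, exhaust all memory resources, or obtain sensitive information. In certain situations, Subversion's mod_dav_svn Apache HTTPD server module enters a logic loop that never exits and allocates memory on every iteration, eventually consuming all memory on the server. Apache Group Subversion 1.x...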

CVSS: 5, AI score: 0.5, EPSS: 0.08483
Exploits: 2
ICS
added 2011/07/03 6:0 a.m., 27 views

Rockwell RSLogix Overflow Vulnerability

Overview This updated advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-05A—Rockwell RSLogix Overflow Vulnerability” that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team ICS-CERT web page. ICS-CERT is aware of a public report of an...

CVSS: 5, AI score: 6.4, EPSS: 0.08977
Exploits: 1, References: 10
Cent OS
added 2011/06/08 10:32 p.m., 71 views

mod_dav_svn, subversion security update

CentOS Errata and Security Advisory CESA-2011:0862 Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CV...

CVSS: 5, AI score: 7.3, EPSS: 0.08483
Exploits: 2, References: 7
ICS
added 2011/06/04 6:0 a.m., 33 views

Siemens WinCC Flexible Runtime Heap Overflow

Overview ICS-CERT originally released Advisory ICSA-11-244-01P on the US-CERT secure Portal on September 01, 2011. This web page release was delayed to allow users sufficient time to download and install the update. Independent security researchers Billy Rios and Terry McCorkle have reported a...

CVSS: 9.3, AI score: 8, EPSS: 0.0707
Exploits: 0, References: 10
ICS
added 2011/06/03 6:0 a.m., 35 views

GE Intelligent Platforms Proficy Plant Applications Buffer Overflow

Overview ICS CERT originally released Advisory ICSA-11-243-01P on the US-CERT secure Portal on August 31, 2011. This web page release was delayed to allow users time to download and install the update. ICS-CERT has received a report from GE concerning a stack-based buffer overflow vulnerability i...

CVSS: 10, AI score: 7.5, EPSS: 0.04597
Exploits: 0, References: 10