132 matches found
Measuresoft ScadaPro Detection
Binary data scadameasuresoftscadaprodetect.nbin...
CVE-2012-1824
Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory...
Design/Logic Flaw
Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory...
CVE-2012-1824
CVE-2012-1824 affects Measuresoft ScadaPro Server and Client prior to version 4.0.0. The vulnerability is an Untrusted Search Path (DLL hijack) that lets a local attacker place a Trojan horse DLL in the current working directory to gain privileges. OpenVAS/Red Hat/NVD entries confirm a code execu...
CVE-2012-1824
Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory...
Measuresoft ScadaPro xf Command Execution (CVE-2011-3490)
A command execution vulnerability has been reported in Measuresoft ScadaPro...
Measuresoft ScadaPro DLL Hijack
Overview Independent researcher Carlos Mario Penagos Hollmann identified a remotely exploitable, uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in Measuresoft’s ScadaPro application. Measuresoft has produced an upgrade to address this vulnerability. Mr...
Measuresoft ScadaPro xf Command Execution
Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...
Measuresoft ScadaPro xf Command Execution
Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...
Measuresoft ScadaPro xf Command Execution
Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...
Measuresoft ScadaPro xf Command Execution
Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...
Measuresoft ScadaPro 4.0.0 Remote Command Execution
$Id: scadaprocmdexe.rb 13737 2011-09-16 08:23:59Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2011-3497
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method...
CVE-2011-3495
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the 1 RF, 2 wF, 3 UF, or 4 NF command...
CVE-2011-3496
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 BF, 2 OF, or 3 EF command...
Design/Logic Flaw
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method...
Directory traversal
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the 1 RF, 2 wF, 3 UF, or 4 NF command...
CVE-2011-3497
Measuresoft ScadaPro 4.0.0 and earlier is affected by CVE-2011-3497 where remote attackers can trigger command execution by abusing the XF function in service.exe (insecure exposed method / directory traversal). The issue, tied to a broader set of vulnerabilities (stack overflow, insecure method ...
CVE-2011-3496
CVE-2011-3496 affects Measuresoft ScadaPro (server component service.exe) 4.0.0 and earlier. The vulnerability allows remote command execution by injecting shell metacharacters into the BF/OF/EF commands, potentially enabling remote code execution. Public indicators of exploitation exist (per lin...
CVE-2011-3495
Measuresoft ScadaPro 4.0.0 and earlier are affected by CVE-2011-3495, a directory traversal vulnerability in service.exe that allows remote attackers to read, modify, or delete arbitrary files via the RF, wF, UF, or NF commands. The issue impacts ScadaPro Server (non-credentialed remote access) a...