[Canvas] SCADA 1.19, Agora 2.18 are out

Yuriy Gurkin audit at gleg.net
Wed Nov 7 02:06:49 EST 2012


Hi list,
SCADA+ 1.19 is out with two [0days] for SCADA!
We also continue to add info to network devices section... 3 modules
this time along with 1 [0day].
Listing: [Network Devices]:
 - [0day] AirTies rt104 router unauthorized download config
 - Directory Traversal Vulnerability in Sitecom Home Storage Center
 - Thomson twg850-4 Unauthenticated Backup File Access
[scada]:
 - [0day] WINCC v7.0 SP2 CCEServer.exe denial of service
 - [0day] Ge Fanuc Proficy HMI/SCADA CIMPLICITY WebView/ThinView
server 8.10.0000.18236 info disclosure

*********
Agora 2.18 contains several web modules and a client side:
[web]
ag_AB_Banner_Exchange_lfi - AB Banner Exchange Local File Inclusion"
ag_wordpress_cloudsafe365 - WordPress Cloudsafe365 Local File Inclusion
ag_webERP_DoS - webERP <=4.08.4 MySQL DoS
ag_Clipbucket - Clipbucket v2.x Arbitrary Delete Vulnerability
[other]
ag_EMC_ApplicationXtender - [0day] (diffferent method than in CVE) EMC
ApplicationXtender Web Access Remote Arbitrary File Replace
Minor bug fixes in mobile apps scan&sploit tool.


More information about the Canvas mailing list