[Canvas] Agora 2.27, SCADA+ 1.27 are out
Yuriy Gurkin
audit at gleg.net
Fri Sep 6 14:11:19 EDT 2013
Agora 2.27:
contains 3 new defense modules for HP and Novell Zenworks software
along with 3 httpd server side exploits!
List:
- HP Data Protector 6.1 Command Execution
- HP Intelligent Management Center v. <= 5.1:e0202 Remote File Upload
- Novell ZENworks Configuration Management Remote Code Execution
- DeWeS web server Directory Traversal Vulnerability
- onehttpd 0.7 Denial of Service
- Ultra Mini HTTPD stack buffer overflow
SCADA+ 1.27:
contains 4 modules for 3S, pwStore, National Instruments industrial software.
This time all CVE listed.
- pwStore Denial of Service
- 3S CODESYS Gateway-Server <= 2.3.9.27 Directory traversal vulnerability.
- two modules for different National Instruments LabWindows/CVI,
LabVIEW, and other products ActiveXes.
Happy pentesting.
More information about the Canvas
mailing list