[Canvas] SCADA+ 1.24, Agora 2.24 are out!
Yuriy Gurkin
audit at gleg.net
Tue May 14 15:31:16 EDT 2013
Hi list,
SCADA+ 1.24 pack version contains four new modules covering industrial
related software.
Among them 2 0days: DoS for Moxa tool and buffer overflow exploit for
Schnider Electric Web Designer.
List:
- Clorius Controls ICS SCADA Information Disclosure
- Mitsubishi MX ActiveX Component exploit
- MOXA Mass Configuration Tool Denial of Service [0Day]
- Schnider Electric Web Designer remote BOF bug [0Day]
Agora 2.24:
As always, pack containts fresh vulns in widely used web software
(huge number of installations in the Internet) and more...
List:
- McAfee Virtual Technician ActiveX exploit allowing Arbitrary File Replace
- Sysax Multi Server SSH Denial of Service
- WordPress Plugin Google Document Embedder Arbitrary File Disclosure
- Joomla com_collector Component Arbitrary File Upload Vulnerability
Regards.
More information about the Canvas
mailing list