[Canvas] SCADA+ pack 1.45 and Medical Pack 1.4 are out !

Yuriy Gurkin audit at gleg.net
Thu Jun 4 10:11:52 EDT 2015

Excellent 0day remote auth bypass in ClearSCADA and  pretty funny public
vuln for DLink routers in 1.45 release:
- ClearSCADA Remote Authentication Bypass Exploit. [0Day]
- SCADA Elipse DLL Hijacking. public
- DLink Unauthenticated Remote DNS Change Exploit.

Medical Exploits package 1.4 contains nice [0days] this time:
- Clinic Pro Medical Software ActiveX Buffer Overflow. [0day]
- EncounterPRO-OS  DLL Hijacking sploit. [0day]
- Clinic Office command exec. sploit creates trojan in Startup Windows.

Happy hunting,
Gleg's development team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/canvas/attachments/20150604/bbe9f624/attachment.html>

More information about the Canvas mailing list