[Canvas] SCADA+, Agora and Def packs are out

Yuriy Gurkin audit at gleg.net
Thu Dec 29 01:14:30 EST 2016

SCADA+ 1.61

- FESTO Robotino DoS 0-Day
- Reliance 4 Control Server Denial Of Service Vulnerability 0-Day
- Aspic 3.30 - All in One SCADA HMI system, telnet weakness 0-Day

Agora 2.60

- SysAid Help Desk Administrative account creating
- Symantec pcanywhere 12.5.0 buffer overflow CVE-2011-3478
- Tango DropBox Activex Heap Spray Exploit CVE-2007-3071
- Netsparker 2.3.X - Remote Code Execution Exploit
- Solarwinds Orion Service SQL Injection Vulnerability CVE-2014-9566
- Easy file sharing web server Stack buffer overflow
- Wordpress ibs-mappro Plugin 0.5 Arbitrary File Download
- WordPress Mailcwp 1.99  File Upload Vulnerability
- Wordpress Simple Backup Plugin v2.7.10 Arbitrary File Download
- Wordpess Simple Photo Gallery 1.7.8 - SQL Injection Vulnerability
- WordPress SP Projects And Document Manager File Upload

DefPack 1.14

- D-Link DI634M Router HTTP Service Crush
- Easy Internet Sharing Proxy Server 2.2 SEH Buffer Overflow
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/canvas/attachments/20161229/b350b460/attachment.html>

More information about the Canvas mailing list