what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

Files

ICS-CERT Advisory - GarrettCom Privilege Escalation
Posted Sep 6, 2012
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory 12-243-01 - Independent security researcher Justin W. Clarke of Cylance Inc. has identified a privilege-escalation vulnerability in the GarrettCom Magnum MNS-6K Management Software application via the use of a hard-coded password. This vulnerability could allow a remote attacker with any level of access to the system to escalate the attacker’s privilege to the administrative level. The attacker must have access to a logon account on the device to exploit this vulnerability. GarrettCom has produced a patch that mitigates this vulnerability.

tags | advisory, remote
advisories | CVE-2012-3014
MD5 | 9d5c77b9c4334b7172c9b0b201e2b0be

Related Files

ICS-CERT Advisory - Sauter ModuWEB Vision SCADA
Posted Feb 5, 2016
Authored by Martin Jartelius

ICS-CERT Advisory 16-033-01 - Sauter ModuWEB Vision SCADA suffers from cross site scripting, insecure credential storage, and insecure transmission of credential vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2015-7914, CVE-2015-7915, CVE-2015-7916
MD5 | 95191a4e44ed67f9944317bc86ed1820
PicsArt Photo Studio For Android Insecure Management
Posted Nov 7, 2014
Authored by Will Dormann, Joaquin Manuel Rinaudo

PicsArt Photo Studio for Android fails to properly validate SSL certificates from the server.

tags | exploit
advisories | CVE-2014-5674
MD5 | a0fee6b13effd17282e386ea6768b9ec
ICS-CERT Advisory - Schneider Electric Wonderware
Posted Sep 1, 2014
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory 14-238-02 - Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team have identified four vulnerabilities in the Schneider Electric Wonderware Information Server (WIS). Schneider Electric has produced an update that mitigates these vulnerabilities. Some of these vulnerabilities could be exploited remotely.

tags | advisory, vulnerability
advisories | CVE-2014-2380, CVE-2014-2381, CVE-2014-5397, CVE-2014-5398, CVE-2014-5399
MD5 | 2383565ae6a291f8b0eb74445c98e623
ICS-CERT Advisory - Siemens WinCC 7.0 SP3
Posted Mar 21, 2013
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory 13-079-02 - This advisory provides mitigation details for vulnerabilities that impact the Siemens SIMATIC WinCC. Independent researcher Sergey Gordeychik of Positive Technologies and Siemens ProductCERT have identified multiple vulnerabilities in the Siemens SIMATIC WinCC, which is used to configure SIMATIC operator devices. Siemens has produced a software update that fully resolves these vulnerabilities. Exploitation of these vulnerabilities could allow a denial of service (DoS) condition, unauthorized read access to files, or remote code execution. This could affect multiple industries, including food and beverage, water and wastewater, oil and gas, and chemical sectors worldwide. These vulnerabilities could be exploited remotely.

tags | advisory, remote, denial of service, vulnerability, code execution
advisories | CVE-2013-0678, CVE-2013-0676, CVE-2013-0679, CVE-2013-0674, CVE-2013-0677, CVE-2013-0675
MD5 | e17b9b89ee4deda873aa27159f672b00
ICS-CERT Advisory - C3-ILEX EOSCADA DoS / Leakage
Posted Nov 3, 2012
Authored by ICS-CERT, Dale Peterson | Site ics-cert.org

ICS-CERT Advisory 12-271-01 - This Advisory is a follow-up release to the original Advisory which was posted to the US-CERT secure Portal library October 08, 2012. Dale Peterson of Digital Bond has identified multiple vulnerabilities in the C3-ilex's EOScada application that can result in data leakage and a denial-of-service (DoS) condition. C3-ilex has produced a patch that resolves these vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-1810, CVE-2012-1811, CVE-2012-1812, CVE-2012-1813
MD5 | 8083cc189993e17a6f5d9b0a0603c0d6
ICS-CERT Advisory - Tridium Niagara Issues
Posted Aug 17, 2012
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory ICSA-12-228-01 - Independent security researchers Billy Rios and Terry McCorkle have identified multiple vulnerabilities in the Tridium Niagara AX Framework software. The vulnerabilities include directory traversal, weak credential storage, session cookie weaknesses, and predictable session IDs, all of which can be exploited remotely. All known versions of the Tridium Niagara AX Framework software products are susceptible to these vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4027, CVE-2012-4028, CVE-2012-3025, CVE-2012-3024
MD5 | b06e40e7ae0926a970fbe505f761c4c7
Semantics-Aware-Malware-Detection.pdf
Posted Nov 1, 2006

SemanticsAware Malware Detection.

tags | paper
MD5 | 40e27c959fc89ddb994d55ffabcaed88
icsa.html
Posted Aug 17, 1999

ICSA: "International Computer Security Association" or "International Crime Syndicate Association"?

tags | paper
MD5 | 29adc21cb7026cbc2f95c071497ff7b0
icsa.certified.weak.crypto.txt
Posted Aug 17, 1999

The ICSA seems to be confused about what the real industry standards are, and has been certifying sites as "secure" even when weak 40-bit crypto is used. The replies from ICSA reps are very interesting.

tags | exploit, crypto
MD5 | d31792b79307de835d87d71cb3173bf6
Page 1 of 1
Back1Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close