GradeZero Music Band
Saturday, March 23, 2013
ICSA-13-067-02—INVENSYS WONDERWARE WIN-XML EXPORTER IMPROPER INPUT VALIDATION VULNERABILITY
New XML/XXE OOB stuff.
http://ics-cert.us-cert.gov/pdf/ICSA-13-067-02.pdf
Thanks to INVENSYS security team for quick fix.
Wednesday, March 20, 2013
WinCC vulnerabilities: fresh meat
New vulnerabilities/fixes in Siemens WinCC 7.0 SP3 Update 1
CVE-2013-0678/ MISSING ENCRYPTION OF SENSITIVE DATA
CVE-2013-0676 IMPROPER AUTHORIZATION
CVE-2013-0677 XXE OOB in project files
CVE-2013-0679 RELATIVE PATH TRAVERSAL
CVE-2013-0674, CVE-2013-0675 BUFFER OVERFLOW
+ lot of
good stuff for WinCC Flexible in TIA Portal V11.
More details
@infiltratecon
and
@phdays
.
Thanks to Gleb Gritsai, Sergey Bobrov, Roman Ilin, Artem Chaykin, Timur Yunusov, Ilya Karpov, Alexey Osipov, Sergey Gordeychik, Dmitry Nagibin and Siemens CERT/Product team.
SSA-212483
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf
SSA-714398
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf
ICSA-13-079-02
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
Enjoy!
PS. Exploits for WinCC? No way! This is Out Of Band.
Thursday, March 14, 2013
Black Hat XXE OOB Slides and Tools
By Timur Yunusov and Alexey Osipov.
XXOETA tool
https://github.com/Gifts/XXE-OOB-Exploitation-Toolset-for-Automation/
Black Hat: XML Out-Of-Band Data Retrieval
Enjoy!
Newer Posts
Older Posts
Home
Subscribe to:
Posts (Atom)