New XML/XXE OOB stuff. http://ics-cert.us-cert.gov/pdf/ICSA-13-067-02.pdf
Thanks to INVENSYS security team for quick fix.
Thanks to INVENSYS security team for quick fix.
Saturday, March 23, 2013
Wednesday, March 20, 2013
WinCC vulnerabilities: fresh meat
New vulnerabilities/fixes in Siemens WinCC 7.0 SP3 Update 1
CVE-2013-0678/
MISSING ENCRYPTION OF SENSITIVE DATA
CVE-2013-0676
IMPROPER AUTHORIZATION
CVE-2013-0677 XXE OOB in project files
CVE-2013-0677 XXE OOB in project files
CVE-2013-0679
RELATIVE PATH TRAVERSAL
CVE-2013-0674,
CVE-2013-0675 BUFFER OVERFLOW
+ lot of good stuff for WinCC Flexible in
TIA Portal V11.
Thanks to Gleb
Gritsai, Sergey Bobrov, Roman Ilin, Artem Chaykin, Timur Yunusov, Ilya Karpov,
Alexey Osipov, Sergey Gordeychik, Dmitry Nagibin and Siemens CERT/Product team.
SSA-212483
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf
SSA-714398
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf
ICSA-13-079-02
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
Enjoy!
PS. Exploits for WinCC? No way! This is Out Of Band.
Thursday, March 14, 2013
Black Hat XXE OOB Slides and Tools
XXOETA tool
https://github.com/Gifts/XXE-OOB-Exploitation-Toolset-for-Automation/
Enjoy!
Subscribe to:
Posts (Atom)