Monday, September 26, 2011

Gleg releases Ver 1.6 of the SCADA+ Exploit Pack for Immunity Canvas

On September 26, Gleg released version 1.6 of their SCADA+ exploit pack for Immunity Canvas. This release includes several new modules including many found by Luigi Auriemma. Note that Metasploit has also incorporate a large number of these exploit modules in their free framework.

Some of the modules included in version 1.6 include:
  • Cogent DataHub Directory traversal vulnerability. CVE-2011-3500.
  • DAQFactory <= v.5.85 build 1853 stack based buffer overflow. CVE-2011-3492
  • CarelDataServer Directory traversal vulnerability. CVE-2011-3487
  • Procyon Core Server stack buffer overflow. CVE-2011-3322
  • SCADAPRO <= v.4.0.0.0 unauthenticated remote command execution. no CVE, but public.

Step ahead SCADA+ users also receive additional 0days, including the following:
  • CEserver buffer overflow - 0day.
    This software is available for most embedded systems.
    Exploit by now covers WinXP sp3 embedded.
  • Carel Plant Visor Pro critical information disclosure - 0day
    All scada users logins+pwds steal
  • Carel Plant Visor Pro critical information disclosure - Second vuln. 0day
    All scada users logins+pwds steal
Details on the SCADA+ pack can be found on the Gleg website.  Pricing was previously available on-line, and my past investigation showed a three-month subscription for Agora SCADA+ costs US$2,250, which includes updates to the exploit pack and a single license for the Canvas framework. A one-year subscription costs $5,400 and also comes with one Canvas license. For current pricing, contact sales@immunityinc.com.

    No comments:

    Post a Comment