Gleg releases Ver 1.6 of the SCADA+ Exploit Pack for Immunity Canvas

On September 26, Gleg released version 1.6 of their SCADA+ exploit pack for Immunity Canvas. This release includes several new modules including many found by Luigi Auriemma. Note that Metasploit has also incorporate a large number of these exploit modules in their free framework.

Some of the modules included in version 1.6 include:

• Cogent DataHub Directory traversal vulnerability. CVE-2011-3500.
• DAQFactory <= v.5.85 build 1853 stack based buffer overflow. CVE-2011-3492
• CarelDataServer Directory traversal vulnerability. CVE-2011-3487
• Procyon Core Server stack buffer overflow. CVE-2011-3322
• SCADAPRO <= v.4.0.0.0 unauthenticated remote command execution. no CVE, but public.

Step ahead SCADA+ users also receive additional 0days, including the following:

• CEserver buffer overflow - 0day.
  This software is available for most embedded systems.
  Exploit by now covers WinXP sp3 embedded.
• Carel Plant Visor Pro critical information disclosure - 0day
  All scada users logins+pwds steal
• Carel Plant Visor Pro critical information disclosure - Second vuln. 0day
  All scada users logins+pwds steal

Details on the SCADA+ pack can be found on the Gleg website.  Pricing was previously available on-line, and my past investigation showed a three-month subscription for Agora SCADA+ costs US$2,250, which includes updates to the exploit pack and a single license for the Canvas framework. A one-year subscription costs $5,400 and also comes with one Canvas license. For current pricing, contact sales@immunityinc.com.