View Single Post
  #2   (View Single Post)  
Old 25th March 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default Another zero-day exploit for SCADA systems

From http://www.h-online.com/security/new...s-1215450.html

Quote:
Security specialist Ruben Santamarta has published code demonstrating a flaw in the web-based virtualisation software WebAccess from BroadWin. The code reportedly allows a flaw in WebAccess Network Service's RPC interface to be exploited allowing code to be injected. Santamarta says he informed ICS-CERT in advance, and the firm contacted the vendor.

ICS-CERT said that the vendor was not able to confirm the flaw. Santamarta later wrote that the vendor denied the flaw's existence, so he published the exploit. In lieu of a patch, ICS-CERT recommendsPDF that BroadWin users protect their systems with a firewall and use VPNs for remote access. BroadWin software is used around the world and is also sold by Advantech.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote