Blog Posts Tagged with "Buffer Overflow"
On Buffer Overrun Vulnerabilities, Exploits and Attacks
April 19, 2012 Added by:Fergal Glynn
A Buffer overflow is a common software coding mistake. To effectively mitigate the vulnerability, it is important that you first understand what buffer overflows are, what dangers they pose to your applications, and what techniques attackers use to successfully exploit them...
Comments (0)
ICS-CERT: Siemens Scalance X Industrial Ethernet Vulnerability
April 18, 2012 Added by:Infosec Island Admin
Exploitation of the vulnerability allows an attacker to perform malicious actions which may lead to a denial of service condition or possible arbitrary code execution. These actions may ultimately impact the process environment in which the system is deployed...
Comments (0)
ICS-CERT: Koyo Ecom100 Multiple Vulnerabilities
April 16, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of multiple vulnerabilities with proof-of-concept exploit code affecting the Koyo ECOM100 Ethernet Module. A brute force password cracking tool has been released that targets a weak authentication vulnerability in the ECOM series modules...
Comments (0)
ICS-CERT: Siemens Scalence S Multiple Vulnerabilities
April 12, 2012 Added by:Infosec Island Admin
Siemens has reported two security vulnerabilities in the Scalance S Security Module firewall - a brute-force credential guessing vulnerability in the web configuration and a stack-based buffer overflow vulnerability in the Profinet DCP protocol stack...
Comments (0)
ICS-CERT: ABB Multiple Components Buffer Overflow
April 11, 2012 Added by:Infosec Island Admin
Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...
Comments (0)
ICS-CERT: ABB WebWare Server Buffer Overflow
April 06, 2012 Added by:Infosec Island Admin
Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which if exploited could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...
Comments (0)
ICS-CERT: Invensys Wonderware Buffer Overflow Vulnerability
April 02, 2012 Added by:Infosec Island Admin
Researchers identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, and successful exploitation of these vulnerabilities will cause a buffer overflow that may allow remote code execution...
Comments (0)
Cisco Releases Multiple Security Advisories
March 15, 2012 Added by:Headlines
The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability which can allow a remote attacker to convince a user to view a specially crafted HTML document, and the attacker may be able to then execute arbitrary code...
Comments (0)
ICS-CERT: Robot Communication Runtime Buffer Overflow
March 05, 2012 Added by:Infosec Island Admin
A buffer overflow vulnerability in the Robot Communication Runtime software used to communicate with IRC5, IRC5C, and IRCP robot controllers could allow an attacker to cause a denial of service and potentially execute remote code with administrator privileges...
Comments (0)
ICS-CERT: Koyo Ecom100 Brute Force Cracking Tool
February 15, 2012 Added by:Headlines
A brute force password cracking tool has been released that targets the weak authentication vulnerability in the Koyo ECOM100 Ethernet Module. This tool may greatly reduce the time and skill level required to attack a vulnerable system...
Comments (0)
ICS-CERT: Open Automation Software OPC Systems.NET Vulnerabilities
January 27, 2012 Added by:Headlines
Researcher Luigi Auriemma publicly reported a malformed packet vulnerability in Open Automation Software’s OPC Systems.NET along with proof-of-concept exploit code. Digital Security Research Group publicly reported the vulnerability in a third-party ActiveX control...
Comments (0)
ICS-CERT: Multiple PLC Zero-Day Vulnerabilities
January 24, 2012 Added by:Headlines
The vulnerabilities purportedly include buffer overflows, backdoors, weak authentication and encryption, and other vulnerabilities that could allow an attacker to take control of the device and interfere or halt the process it controls...
Comments (0)
ICS-CERT: Siemens Tecnomatix FactoryLink ActiveX
January 05, 2012 Added by:Headlines
Researchers identified two vulnerabilities affecting ActiveX components in the Siemens Tecnomatix FactoryLink application, including buffer overflow and data corruption. Successful exploitation of the vulnerabilities could allow an attacker to perform denial of service and arbitrary code execution...
Comments (0)
Securing Web Services in the Cloud
January 19, 2011 Added by:Danny Lieberman
Access to confidential information or embezzlement of funds is just some of the possible internal security breaches that can be performed by employees or former employees. Because employees are the most familiar with internal systems, detection can be made extremely difficult...
Comments (3)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR