Gleg releases Ver 1.7 of the SCADA+ Exploit Pack for Immunity Canvas
On October 20, Gleg released version 1.7 of the SCADA+ Exploit Pack for the Immunity Canvas framework, though this time around, I do not see a lot of unique value in the code updates.
Modules of interest in this release represent the bulk of the ICS/SCADA vulnerabilities disclosed in September, including:
- Rockwell's RSLogix5000 DoS
- SCADAPRO buffer overflow / DoS
- Cogent Datahub
- Sunway httpsvr.exe unauthenticated remote command execution
- Sunway AngelServer DoS
- Sunway SNMP NetDBServer stack-based buffer overflow
- Advantech Web Studio DoS 0-day
- Rockwell RSLogix 5000 DoS
- SCADAPro Stack Overflow
- Cogent Datahub Buffer Overflow
- Sunway HTTPSVR.exe Remote Code Execution
- Sunway SNMP Stack Overflow
In addition, the SCADAPro vulnerability, which allows remote code execution via directory traversal, has been included with the Metasploit Framework in SVN 13967.
I have created a new list of new SCADA/ICS vulnerabilities, complete with PoC (if available) and additional references at SCADAhacker.com. I am about a week behind, but intend to keep this current and up to date as new vulnerabilities are disclosed.
As always, please post your comments or suggestions to improve the usefulness of this information.
Cross-posted from SCADAhacker