
Corporate Network

C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities

----------
An attacker can exploit these vulnerabilities in order to:
1. Halt the system's operation (Denial of Service)
2. Gain unauthorized access with high privileges to the system
3. Leverage these vulnerabilities to attempt to find additional
vulnerabilities in the server to carry out the "corporate network to control
center" and "field to control center" attack vectors mentioned in C4's S4
2008 paper "Control System Attack Vectors and Examples: Field Site and
Corporate Network"
<http://www.c4-security.com/SCADA%20Security%20-%20Attack%20Vectors.pdf> . 


C4 SCADA Security Advisory - OSISoft PI Server Authentication Weakness

An attacker can gain access to the PI Server databases, allowing him to:
1. Gain access to confidential operational information
2. Data tampering - permanent data loss or presentation of misleading
decision support data
3. Attempt to find additional vulnerabilities in the server to carry
out the "corporate network to control center" attack vector mentioned in
C4's S4 2008 paper "Control System Attack Vectors and Examples: Field Site
and Corporate Network" (http://www.c4-security.com/index-5.html).

Affected Versions
-------------------------

C4 Security Advisory - ABB PCU400 4.4-4.6 Remote Buffer Overflow

 
Impact
----------
An attacker can compromise the server which runs PCU400, which acts as the FEP server of the ABB SCADA system. 
This vulnerability is another method to carry out the "field to control center" attack vector mentioned in C4's S4 2008 paper "Control System Attack Vectors and Examples: Field Site and Corporate Network", which will allow the attacker to control other RTUs connected to that FEP.

In addition, an attacker can use his control over the FEP server to insert a generic electric grid malware as specified in our SysScan08 presentation, in order to cause harm to the grid.

Both documents are available at http://www.c4-security.com/index-5.html .


C4 SCADA Security Advisory - Rockwell Automation (Allen Bradley) Multiple Vulnerabilities in Micrologix 1100 & 1400 Series Controllers

- Halt the system's operation (Denial of Service)
- Gain unauthorized access with high privileges to the system
- Leverage these vulnerabilities to attempt to find additional
vulnerabilities in the server to carry out the "field to field" attack
vectors mentioned in C4's S4 2008 paper "Control System Attack Vectors and
Examples: Field Site and Corporate Network"
(http://www.c4-security.com/index-5.html).

Affected Versions
-------------------------
AB Micrologix 1100

Re: [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay

AP> Description
AP> ***********

AP> The service account used for Kaspersky Administration Kit and its
AP> functionality make attacks on other hosts
AP> in a corporate network possible.

AP> Details
AP> *******

AP> The functionality called "Scan IP subnets" is enabled by default in Kaspersky Administration Kit 6.

[DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay

Description
***********

The service account used for Kaspersky Administration Kit and its functionality make attacks on other hosts
in a corporate network possible.

Details
*******

The functionality called "Scan IP subnets" is enabled by default in Kaspersky Administration Kit 6.

ToorCon X CFP Closing and Workshops and Seminars discounted until Friday!

WORKSHOPS - Discounted until Friday!

Also, this year we will be offering 2 2-day workshops before the
conference. One of which covers a more in-depth overview of what it
takes to become a world-class pen-tester, and one that teaches you the
behind-the-scenes ins and outs of running a secure corporate network
and being able to perform proper incident response when things don't
go as planned. These workshops are limited attendance and are filling
up fast. To try to get them sold out quickly we've discounted these
back to the original pre-registration price just for this week. Don't
miss out on hundreds of dollars of savings, register today!

iGuard Biometric Access Control - Multiple Vulnerabilities

Introduction:
=============
Each iGuard Biometric / Smart Card Security Appliance has a built-in Web Server that enables all the computers in the corporate
network to directly and simultaneously access the device using any Internet Browser, such as Microsoft Internet Explorer or Netscape
Navigator. Different computer platforms such as Apple Macintosh, Microsoft Windows and Linux machines can access the device. No
additional software is required. So whether you are in an airport lounge or a hotel room, you can always check if your employees
are already in the office or not, and you can even control, modify or disable their access rights to your office remotely via
internet connection provided your iGuard Biometric / Smart Card Security Appliance is connected to an external IP address or
your network is available through a VPN connection that is reachable from your location.

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

+------------------------------------------------

The IM inspect engine lets you apply fine grained controls on the IM
application to control the network usage and stop leakage of
confidential data, propagation of worms, and other threats to the
corporate network.

A DoS vulnerability affects the MSN IM inspection feature of Cisco
ASA 5500 Series Adaptive Security Appliances. During successful
exploitation, an unauthenticated attacker could cause the affected
device to reload and may result in a sustained DoS condition.

SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client

Vendor description:
---------------

SonicWALL SSL-VPN solutions can be configured to provide users with
easy-to-use, secure and clientless remote access to a broad range of
resources on the corporate network.


Vulnerability overview:
---------------


Checkpoint VPN-1 UTM Edge cross-site scripting

    Quote from http://www.checkpoint.com/
    "VPN-1 UTM Edge appliances deliver unified threat management to
     enterprises with branch offices and simplify security deployments
     and manageability. VPN-1 UTM Edge appliances consolidate proven
     enterprise-class technology into a single branch office solution
     that does not compromise the corporate network and eliminates the
     branch office as your weakest link. As part of Check Point's Unified
     Security Architecture, VPN-1 UTM Edge can enforce a global security
     policy and allows administrators to manage and update thousands of
     appliances as easily as managing one."


RE: An account of the Estonian Internet War

> tell you that my visa was working properly all the time, and my bank was
> 24/7 available.
>
> This all led me to the conclusion, that all the hush is about a couple (ok,
> maybe tens or hundreds) of DDoS attacks being done.
> Tell me, how many attacks or ok, attack attempts does your corporate network
> suffer during the day?
>
> What concerns that student you wrote about, well, Gadi please, as far as I
> know that was a ping-of-death he committed against the server of one
> political party.

RE: An account of the Estonian Internet War

tell you that my visa was working properly all the time, and my bank was
24/7 available.

This all led me to the conclusion, that all the hush is about a couple (ok,
maybe tens or hundreds) of DDoS attacks being done.
Tell me, how many attacks or ok, attack attempts does your corporate network
suffer during the day?

What concerns that student you wrote about, well, Gadi please, as far as I
know that was a ping-of-death he committed against the server of one
political party.


