Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

C4 Security Advisory - GE Fanuc Proficy Information Portal 2.6 Authentic

from [Eyal Udassin] Network Security [Permanent Link]
Subject: C4 Security Advisory - GE Fanuc Proficy Information Portal 2.6 Authentication Vulnerability
Date: Fri, 25 Jan 2008 12:38:27 -0500 
Background
-----------------
GE-Fanuc's Proficy Information Portal 2.6 is a web based reporting
application for the SCADA environment. As such it will usually be installed
in a buffer zone between the SCADA and the corporate network, which makes it
a very sensitive application as it can access both networks.
 
Description
----------------
The login process of Proficy involves sending the username in cleartext and
the password in Base64 encoded format. This transmition can potentially be
intercepted and decoded by an attacker with access to the data traffic.
 
Impact
----------
An attacker can harvest user credentials by intercepting the traffic between
the browser and the Proficy server.
 
Affected Versions
-------------------------
Proficy Information Portal 2.6
Previous versions may be vulnerable, as they were not tested.
 
Workaround/Fix
-----------------------
The vendor issued a KB article on how to resolve this vulnerability at the
GE-Fanuc website, yet the proposed solution was not verified by C4.
 
Additional Information
-------------------------------
For additional information please contact us at info@c4-security.com. Note
that we will respond only to verified utility personnel and governmental
agencies.
The CVE identifier assigned to this vulnerability by CERT is CVE-2008-0174
 
Credit
---------
This vulnerability was discovered by Eyal Udassin of C4.
 
Regards,
 
Eyal Udassin - C4 (Formerly Swift Coders)
33 Jabotinsky St. The Twin Towers #1, Ramat Gan, Israel
eyal.udassin@c4-security.com / www.c4-security.com
<http://www.c4-security.com/> 
+972-547-684989
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  C4 Security Advisory - GE Fanuc Proficy Information Portal 2.6 Arbitrary File Upload and Execution, Eyal Udassin
Next by Date:  Re: [Full-disclosure] Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5, Luigi Auriemma
Previous by Thread:  C4 Security Advisory - GE Fanuc Proficy Information Portal 2.6 Arbitrary File Upload and Execution, Eyal Udassin
Next by Thread:  Re: C4 Security Advisory - GE Fanuc Proficy Information Portal 2.6 Authentication Vulnerability, pete . sage
Indexes:  [Date] [Thread] [Top] [All Lists]