Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability

From: "W Gillespie" <wgillespie+fulldiscolosure () es2eng com>
Date: Tue, 8 Sep 2015 02:50:06 -0600 (MDT)
If I can write a file to "C:\Program Files", I already have administrative access to the machine.
http://blogs.msdn.com/b/oldnewthing/archive/2012/12/07/10375415.aspx

-----Original Message-----
From: "Praveen D" <praveend.hac () gmail com>
Sent: Friday, September 4, 2015 6:41am
To: fulldisclosure () seclists org
Subject: [FD] Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability

Create a malicious DLL and rename as anyone of the below DLL's.
<snip>
located at
C:\Program Files\Schneider Electric\CitectSCADA 7.40\Bin\


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: