[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Vulnerabilities in trading and SCADA softwares

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Vulnerabilities in trading and SCADA softwares
From: fergal.cassidy@xxxxxxxxxxxxxxx
Date: Wed, 14 Sep 2011 09:13:56 GMT

The so called vulnerability in ScadaPro does not apply when the Windows 
firewall is enabled and under normal circumstances the TCP-IP port is not used 
to communicate with the ScadaPro service.

In the next release of ScadaPro the TCP/IP port will not be available and 
instead a secure web service will be available.

Also please note these tests were performed independently of Measuresoft on a 
demo version and without seeking or obtaining any advice from Measuresoft on 
how to securely deploy ScadaPro.

Follow-Ups:
- Re: Vulnerabilities in trading and SCADA softwares
  - From: Jeffrey Walton

Prev by Date: Multiple vulnerabilities in SiT! Support Incident Tracker
Next by Date: VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability
Previous by thread: Vulnerabilities in trading and SCADA softwares
Next by thread: Re: Vulnerabilities in trading and SCADA softwares
Index(es):
- Date
- Thread