infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change description a bit 

Try to make this sound smoother
bug/bundler_fix
sinn3r 2013-11-28 12:19:42 -06:00
parent 807e2dfd31
commit 8817c0eee0
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/exploits/windows/scada/abb_wserver_exec.rb
View File

@ -16,11 +16,12 @@ class Metasploit3 < Msf::Exploit::Remote
'Name' => 'ABB MicroSCADA wserver.exe Remote Code Execution',
'Description' => %q{
This module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The
vulnerability exists on the wserver.exe component, disabled by default but required when
a project uses the SCIL function WORKSTATION_CALL. The issue exists on the handling of
EXECUTE operations, which allows unauthenticated execution of arbitrary commands. This
module has been tested successfully on ABB MicroSCADA Pro SYS600 9.3 over Windows XP SP3
and Windows 7 SP1.
issue is due to the handling of unauthenticated EXECUTE operations on the wserver.exe
component, which allows arbitrary commands. The component is disabled by default, but
required when a project uses the SCIL function WORKSTATION_CALL.
This module has been tested successfully on ABB MicroSCADA Pro SYS600 9.3 over
Windows XP SP3 and Windows 7 SP1.
},
'License' => MSF_LICENSE,
'Author' =>