Release date:
Updated on: 2012-08-02
Affected Systems:
Sielcosistemi Winlog Pro 2.7.9
Sielcosistemi Winlog Pro 2.7.1
Sielcosistemi Winlog Pro 2.7
Description:
--------------------------------------------------------------------------------
Bugtraq id: 54212
Winlog Pro is a SCADA/HMI software package for managing industrial and civil factories.
Multiple security vulnerabilities exist in Winlog Pro and earlier versions. Attackers can exploit these vulnerabilities to perform illegal operations through directory traversal attacks and run arbitrary code or cause DOS.
<* Source: Luigi Auriemma (aluigi@pivx.com)
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Sielcosistemi
-------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.sielcosistemi.com/en/download/public/winlog_lite.html