Tuesday, December 16, 2014

Well, Honeywell

New knowledge about Honeywell Experion Process Knowledge System. Yes, you must patch it.
Yes, it's all about grep +1 SSRF.

Thanks to Alexander Tlyapov, Gleb Gritsai, Kirill Nesterov, Artem Chaykin and Ilya Karpov

Honeywell advisory/patch:
https://www.honeywellprocess.com/library/support/Public/Documents/ExperionPKS.R311.Server.Patch282.PAR1-2VNCSKZ_SCN.pdf

Sorry for the delay. It can wait.



PS.

http://osvdb.org/show/osvdb/115235
http://osvdb.org/show/osvdb/115236
http://osvdb.org/show/osvdb/115237
http://osvdb.org/show/osvdb/115239
http://osvdb.org/show/osvdb/115238
http://osvdb.org/show/osvdb/115240
http://osvdb.org/show/osvdb/115241
http://osvdb.org/show/osvdb/115242
http://osvdb.org/show/osvdb/115243
http://osvdb.org/show/osvdb/115244
http://osvdb.org/show/osvdb/115245
http://osvdb.org/show/osvdb/115246
http://osvdb.org/show/osvdb/115247
http://osvdb.org/show/osvdb/115248
http://osvdb.org/show/osvdb/115249
http://osvdb.org/show/osvdb/115250
http://osvdb.org/show/osvdb/115251
http://osvdb.org/show/osvdb/115253
http://osvdb.org/show/osvdb/115233
http://osvdb.org/show/osvdb/115234
+1
http://osvdb.org/show/osvdb/115252
Posted by at
Labels: , , , , ,
Location: İstanbul, Turkey

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)