Feed aggregator

[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure

BugTraq Latest Security Advisories - June 25, 2015 - 7:45am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console
ReadProfile Parameters - Information disclosure

Application: SAP Management Console
Versions Affected: SAP NW 7.4 Management Console, probably others
Vendor URL: http://SAP.com
Bugs: Information disclosure
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory:...
Categories:

[ERPSCAN-15-005] SAP Mobile Platform - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:37am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE

Application: SAP Mobile Platform 2.3
Versions Affected: SAP Mobile Platform 2.3, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.14
Reported: 06.11.14
Vendor response: 07.11.14
Date of Public Advisory: 18.06.2015
Reference: SAP Security Note...
Categories:

[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:29am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory: 18.06.2015
Reference: SAP...
Categories:

[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:04am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.2014
Reported: 06.11.2014
Vendor response: 07.11.2014
Date of Public Advisory: 18.06.2015...
Categories:

[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

BugTraq Latest Security Advisories - June 25, 2015 - 6:56am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent: 25.08.14
Reported: 25.08.14
Vendor response: 25.08.14
Date of Public Advisory: 15.02.2015...
Categories:

[SECURITY] [DSA 3295-1] cacti security update

BugTraq Latest Security Advisories - June 24, 2015 - 2:16pm

Posted by Salvatore Bonaccorso on Jun 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3295-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
June 24, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : cacti
CVE ID : CVE-2015-2665 CVE-2015-4342...
Categories:

CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

BugTraq Latest Security Advisories - June 24, 2015 - 1:09pm

Posted by Federick Joe P Fajardo on Jun 24

CVEID: CVE-2015-4464

SUBJECT: Insufficient Authorization Checks Request Handling Remote
Authentication Bypass for Kguard Digital Video Recorders

DESCRIPTION: A deficiency in handling authentication and authorization
has been found with Kguard 104/108/v2 models. While password-based
authentication
is used by the ActiveX component to protect the login page, all the
communication
to the application server at port 9000 allows data to be...
Categories: