Feed aggregator

[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS

BugTraq Latest Security Advisories - June 25, 2015 - 8:01am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16
- DoS

Application: SYBASE SQL Anywhere 12 and 16
Versions Affected: SYBASE SQL Anywhere 12 and 16, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory: 18.06.2015
Reference:...
Categories:

[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check

BugTraq Latest Security Advisories - June 25, 2015 - 7:53am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-009] SAP Afaria 7 XcListener -
Missing authorization check

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Missing authorization check
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory: 18.06.2015
Reference:...
Categories:

[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure

BugTraq Latest Security Advisories - June 25, 2015 - 7:45am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console
ReadProfile Parameters - Information disclosure

Application: SAP Management Console
Versions Affected: SAP NW 7.4 Management Console, probably others
Vendor URL: http://SAP.com
Bugs: Information disclosure
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory:...
Categories:

[ERPSCAN-15-005] SAP Mobile Platform - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:37am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE

Application: SAP Mobile Platform 2.3
Versions Affected: SAP Mobile Platform 2.3, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.14
Reported: 06.11.14
Vendor response: 07.11.14
Date of Public Advisory: 18.06.2015
Reference: SAP Security Note...
Categories:

Bugtraq: [ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE

[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE
Categories:

Bugtraq: [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS
Categories:

Bugtraq: [SECURITY] [DSA 3295-1] cacti security update

[SECURITY] [DSA 3295-1] cacti security update
Categories:

Bugtraq: CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders
Categories:

[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:29am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory: 18.06.2015
Reference: SAP...
Categories:

[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:04am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.2014
Reported: 06.11.2014
Vendor response: 07.11.2014
Date of Public Advisory: 18.06.2015...
Categories:

[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

BugTraq Latest Security Advisories - June 25, 2015 - 6:56am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent: 25.08.14
Reported: 25.08.14
Vendor response: 25.08.14
Date of Public Advisory: 15.02.2015...
Categories:

Bugtraq: CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004

CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004
Categories:

Bugtraq: [SECURITY] [DSA 3294-1] wireshark security update

[SECURITY] [DSA 3294-1] wireshark security update
Categories:

next-20150625: linux-next

Linux Kernel Updates - June 25, 2015 - 3:14am
Version:next-20150625 (linux-next) Released:2015-06-25

[SECURITY] [DSA 3295-1] cacti security update

BugTraq Latest Security Advisories - June 24, 2015 - 2:16pm

Posted by Salvatore Bonaccorso on Jun 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3295-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
June 24, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : cacti
CVE ID : CVE-2015-2665 CVE-2015-4342...
Categories:

CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

BugTraq Latest Security Advisories - June 24, 2015 - 1:09pm

Posted by Federick Joe P Fajardo on Jun 24

CVEID: CVE-2015-4464

SUBJECT: Insufficient Authorization Checks Request Handling Remote
Authentication Bypass for Kguard Digital Video Recorders

DESCRIPTION: A deficiency in handling authentication and authorization
has been found with Kguard 104/108/v2 models. While password-based
authentication
is used by the ActiveX component to protect the login page, all the
communication
to the application server at port 9000 allows data to be...
Categories: