
Files from Mariano Nunez Di Croce

Email address: mnunez at cybsec.com
First Active: 2005-12-18
Last Active: 2013-02-22

SAP SDM Denial Of Service
Posted Feb 22, 2013
Authored by Mariano Nunez Di Croce, Jordan Santarsieri | Site onapsis.com

Onapsis Security Advisory - The SDM suffers from a design vulnerability in the way it handles failed user authentication attempts, generating a denial of service condition if certain conditions are met. This can be abused by a malicious attacker to disrupt this service.

tags | advisory, denial of service
MD5 | 81264124fb915a0bf5718671139c00f1
SAP Portal PDC Information Disclosure
Posted Feb 22, 2013
Authored by Mariano Nunez Di Croce | Site onapsis.com

Onapsis Security Advisory - The SAP Portal "Federation" configuration pages do not properly handle authentication, exposing the entire Portal infrastructure.

tags | advisory
MD5 | 4d262d37dfa5719ad9f94c1b5bf45046
SAP WebAS Malicious SAP Shortcut Generation
Posted Sep 15, 2011
Authored by Mariano Nunez Di Croce | Site onapsis.com

Onapsis Security Advisory - Weaknesses in the SAP WebAS system allow for malicious shortcut generation. Upon successful exploitation, an attacker would be able to obtain sensitive information from legitimate users through social engineering attacks and/or exploit vulnerabilities in their systems in order to take control of them.

tags | advisory, vulnerability
MD5 | 8aeee3f6fa6b8478f333cbf78c1c5560
SAP WebAS webrfc Cross Site Scripting
Posted Sep 15, 2011
Authored by Mariano Nunez Di Croce | Site onapsis.com

Onapsis Security Advisory - SAP WebAS suffers from a cross site scripting vulnerability. Upon successful exploitation, an attacker would be able to obtain sensitive information from legitimate users through social engineering attacks and/or exploit vulnerabilities in their systems in order to take control of them.

tags | advisory, vulnerability, xss
MD5 | bdeb15add14020bdca24d9eebecc7bed
SAP WebAS Remote Denial Of Service
Posted Sep 15, 2011
Authored by Mariano Nunez Di Croce | Site onapsis.com

Onapsis Security Advisory - An unauthenticated attacker can remotely disrupt the SAP Application Server and cause a denial of service condition. This would result in the total unavailability of the ERP functionality, preventing company users from performing the required business processes.

tags | advisory, denial of service
MD5 | 5196227878ee61b34a9dff5e43de913d
SAP WebAS Integrated ITS Remote Command Execution
Posted Jan 20, 2010
Authored by Mariano Nunez Di Croce

SAP WebAS Integrated ITS suffers from a remote command execution vulnerability.

tags | advisory, remote
MD5 | 1d62170de01d709c778e563509f64c67
SAP Penetration Testing With Sapyto
Posted Apr 17, 2009
Authored by Mariano Nunez Di Croce

Whitepaper called SAP Penetration Testing with Sapyto.

tags | paper
MD5 | 9fb585ec3a434c84249863823bc476fa
CYBSEC-Whitepaper-Exploiting_SAP_Internals.pdf
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

Whitepaper: Exploiting SAP Internals - A Security Analysis Of The RFC Interface Implementation.

tags | paper
MD5 | b87a07ea5c69183ecbf36fca8270389a
CYBSEC-saprfssprfc.txt
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP RFC_START_PROGRAM RFC function suffers from multiple vulnerabilities.

tags | advisory, vulnerability
MD5 | f47ce085567be031efd5293fa3086d1d
CYBSEC-saprfssetreg.txt
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP RFC_SET_REG_SERVER_PROPERTY RFC function suffers from a denial of service vulnerability.

tags | advisory, denial of service
MD5 | e5b0afde1ec45358d303e94ed39d529b
CYBSEC-sapscirfc.txt
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP SYSTEM_CREATE_INSTANCE RFC function suffers from a buffer overflow vulnerability.

tags | advisory, overflow
MD5 | dadd580f896d263ac752ca9805d535fe
CYBSEC-saprfssgr.txt
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP RFC_START_GUI RFC function suffers from a buffer overflow vulnerability.

tags | advisory, overflow
MD5 | d4064972f628d3962d9e961c8c5a3cf5
CYBSEC-saprfcstart.txt
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP RFC_START_PROGRAM RFC function suffers from multiple vulnerabilities.

tags | advisory, vulnerability
MD5 | 247bbbfd43668f286559b88bacf0d292
CYBSEC-stssrfc.txt
Posted Apr 5, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP TRUSTED_SYSTEM_SECURITY RFC function suffers from an information disclosure vulnerability.

tags | advisory, info disclosure
MD5 | 4f7bd86ae441401da4957ba7da673a8d
CYBSEC-presapigsbo.txt
Posted Jan 20, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - A specially crafted HTTP request can trigger a remote buffer overflow in the SAP IGS service.

tags | advisory, remote, web, overflow
MD5 | 85d4decac437bdd1344898163483385d
CYBSEC-Arbitrary.txt
Posted Dec 6, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - A specially crafted HTTP request can remove any file located in the SAP IGS file system. SAP IGS versions 6.40 Patchlevel 16 and below and 7.00 Patchlevel 6 and below are affected.

tags | advisory, web
MD5 | d57a01a5b3d05aaf6ecec121dbb72fec
CYBSEC-SAP-IGS.txt
Posted Dec 6, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - Undocumented features have been discovered in the SAP IGS service, some of which may pose security risks. SAP IGS versions 6.40 Patchlevel 15 and below and 7.00 Patchlevel 3 and below are affected.

tags | advisory
MD5 | ed52b8035c0c9f2625fff8c9fbdacce2
CYBSEC-MSDHCP.txt
Posted Aug 30, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client Service. Affected products include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.

tags | advisory, remote, overflow
systems | windows, 2k, xp
MD5 | d7b3548d732196e036684dadd08fee3f
CYBSEC-SAPIGSBO.txt
Posted Aug 27, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP Internet Graphics Service (IGS) suffers from a buffer overflow condition.

tags | advisory, overflow
MD5 | 248edcb65495f3b7616044270f30f225
CYBSEC-SAPIGSDOS.txt
Posted Aug 27, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - The SAP Internet Graphics Service (IGS) suffers from a remote denial of service condition.

tags | advisory, remote, denial of service
MD5 | 39a23d4600a97b350f9c11425b90dc8d
CYBSEC-mswinDHCP.txt
Posted Jul 12, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client service. Affected products include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.

tags | advisory, remote, overflow
systems | windows, 2k, xp
MD5 | e5006150d8e56274970c6cccc19613a7
AppScanQA-RemoteCodeExec-PoC.zip
Posted Dec 18, 2005
Authored by Mariano Nunez Di Croce | Site cybsec.com

Proof of concept exploit for AppScan QA versions 5.0.x that stages itself as a webserver and exploits a buffer overflow via the WWW-Authenticate header of a 401 HTTP response.

tags | exploit, web, overflow, proof of concept
MD5 | 7f372648b79922c22ee027921f0bcb10
cybsec-watchfire.txt
Posted Dec 18, 2005
Authored by Mariano Nunez Di Croce | Site cybsec.com

AppScan QA versions 5.0.x suffer from a buffer overflow vulnerability in the WWW-Authenticate header of a 401 HTTP response.

tags | advisory, web, overflow
MD5 | c433a72ae6e1b63391cfe8a030a3ebce