exploit the possibilities
Showing 1 - 25 of 30 RSS Feed

Files from Juan Pablo Perez Etchegoyen

First Active2011-04-28
Last Active2016-08-20
SAP TREX 7.10 Revision 63 Remote Command Execution
Posted Aug 20, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham, Nahuel Sanchez | Site onapsis.com

SAP TREX version 7.10 revision 63 suffers from a remote command execution vulnerability.

tags | advisory, remote
advisories | CVE-2016-6147
MD5 | 811fc2b0b78356bd151035beb96b211c
SAP TREX 7.10 Revision 63 NameServer TNS Information Disclosure
Posted Aug 20, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham, Nahuel Sanchez | Site onapsis.com

SAP TREX version 7.10 revision 63 suffers from a TNS information disclosure vulnerability in NameServer.

tags | advisory, info disclosure
advisories | CVE-2016-6146
MD5 | 387fad6fc67f859b5fc254aa15f3c4a4
SAP TREX 7.10 Revision 63 Arbitrary File Write
Posted Aug 19, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham | Site onapsis.com

SAP TREX 7.10 revision 63 suffers from an arbitrary file write vulnerability.

tags | advisory, arbitrary
advisories | CVE-2016-6140
MD5 | 1a9cea5a8fb624d6549f804de5968650
SAP TREX 7.10 Revision 63 Remote File Read
Posted Aug 19, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham | Site onapsis.com

SAP TREX 7.10 revision 63 suffers from a remote file read vulnerability.

tags | advisory, remote
advisories | CVE-2016-6139
MD5 | 9edc88bf7ada9c7d0e3d3c50524da454
SAP TREX 7.10 Revision 63 Directory Traversal
Posted Aug 19, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham | Site onapsis.com

SAP TREX 7.10 revision 63 suffers from a remote directory traversal vulnerability.

tags | advisory, remote
advisories | CVE-2016-6138
MD5 | 71456e59ea6617331fd05179a05f46d1
SAP TREX 7.10 Revision 63 Remote Command Execution
Posted Aug 19, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham | Site onapsis.com

SAP TREX 7.10 revision 63 suffers from a remote command execution vulnerability.

tags | advisory, remote
advisories | CVE-2016-6137
MD5 | 6a800f5701df3fa19e3d6ee4826acae5
SAP HANA DB 1.00.091.00.1418659308 Password Disclosure
Posted Aug 19, 2016
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham | Site onapsis.com

SAP HANA DB version 1.00.091.00.1418659308 suffers from a password disclosure vulnerability.

tags | advisory
advisories | CVE-2016-3640
MD5 | cfd728799bb467d4d07f503ceb4af4b2
SAP HANA Remote Trace Disclosure
Posted Nov 9, 2015
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham | Site onapsis.com

Due to a flaw in SAP HANA DB version 1.00.73.00.389160, a remote unauthenticated attacker could read remote logs containing technical information about the system which could help to facilitate further attacks against the system.

tags | advisory, remote
advisories | CVE-2015-7991
MD5 | 20418d4337d05109892d3a3ffa53a6ae
SAP HANA TrexNet Command Execution
Posted Nov 9, 2015
Authored by Juan Pablo Perez Etchegoyen, Sergio Abraham, Nahuel Sanchez | Site onapsis.com

Using the multiple methods available in the TrexNet protocol, a remote unauthenticated attacker could execute arbitrary operating system commands, python modules, read, write and delete files and directories, read environment information and also completely shut down the SAP HANA instance. The attacker could also send TMS queries to the NameSever component, which could allow him to retrieve technical information of the remote system such as configuration files. SAP HANA Database versions 1.00 SPS10 and below are affected.

tags | advisory, remote, arbitrary, protocol, python
advisories | CVE-2015-7828
MD5 | 2bd2e126c0c597ab90ac3829e6b06ded
SAP Business Objects Search Token Privilege Escalation
Posted Dec 16, 2014
Authored by Will Vandevanter, Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - By exploiting a search token privilege escalation vulnerability, a remote and potentially unauthenticated attacker would be able to access or modify any information stored on the SAP BusineesObjects server. The attacker could also connect to the business systems depending on the configuration of the BO infrastructure. BusinessObjects Edge version 4.1 is affected.

tags | advisory, remote
advisories | CVE-2014-9320
MD5 | 028f048843e0f74cef940aeac47c03ec
SAP SLD Information Tampering
Posted Jun 6, 2014
Authored by Jordan Santarsieri, Juan Pablo Perez Etchegoyen, Pablo Muller | Site onapsis.com

Onapsis Security Advisory - A remote unauthenticated attacker might be able to modify technical information about SAP systems potentially leading to a full compromise of all business information due to an SLD information tampering vulnerability.

tags | advisory, remote
MD5 | 39161a785bc588e9912655d522ce324b
SAP SMD Agent Code Injection
Posted Feb 23, 2013
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - Abuse of the SAP SMD agent unauthenticated interface will allow a remote attacker to install an arbitrary application and achieve a full compromise of the SMD agent and the SAP instances installed on the server.

tags | advisory, remote, arbitrary
MD5 | a3fa3c4d188ac361aa0806342d3c9692
SAP CCMS Agent Code Injection
Posted Feb 23, 2013
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - The SAP CCMS agent is built as an RFC external server, exposing several RFC functions. One of these functions allows a remote unauthenticated user to execute arbitrary commands which are executed with SIDADM privileges (the highest possible in the SAP world).

tags | advisory, remote, arbitrary
MD5 | b8f6cf76d0d5344548c14afdf4f4e944
SAP J2EE Core Service Arbitrary File Access
Posted Feb 22, 2013
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - By exploiting an arbitrary file access vulnerability in the SAP J2EE Core Services, a remote unauthenticated attacker may be able to compromise the entire ERP system.

tags | advisory, remote, arbitrary
MD5 | e1fd7e635e176bce799bc3889400bc73
Oracle JD Edwards Security Kernel Information Disclosure
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), then it would be possible to validate arbitrary (USER, ROLE, ENVIRONMENT) tuples, in order to detect valid ones.

tags | advisory, arbitrary, tcp
advisories | CVE-2011-2326
MD5 | 87766527c46244ae86d688733b33c1e5
Oracle JD Edwards SawKernel SET_INI Configuration Modification
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a specially crafted message is sent to the JDENET service (specifically to the SAW Kernel), a user can remotely change the JDE.INI configuration file. This situation might help the attacker to perform complex attacks that would lead in a full compromise of the system.

tags | advisory, kernel
advisories | CVE-2011-3514
MD5 | 09db0464c87d9bc613e62c4692f5908d
Oracle JD Edwards JDENET Large Packets Denial Of Service
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a message containing packets of a specific size is sent to the JDENET service, a Denial of service condition is triggered, because the kernel in charge of dispatching those packets uses all the available CPU time.

tags | advisory, denial of service, kernel
advisories | CVE-2011-2324
MD5 | 1db03a4b4d4ad95f47e8cdd1dd4ae035
Oracle JD Edwards JDENET Multiple Information Disclosure
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - Several ways to gather information exist in the JDENET service. Sending specific types of messages, it is possible to access technical information about the system's configuration.

tags | advisory
advisories | CVE-2011-2321
MD5 | 93ce91ac095ba8f94dea493aaf37d9bb
Oracle JD Edwards SawKernel GET_INI Information Disclosure
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a specially crafted message is sent to the JDENET service (specifically to the SAW Kernel), a user can remotely retrieve data from the JDE.INI configuration FILE. This information includes password for database connection and configuration of node password for authentication tokens.

tags | advisory, kernel
advisories | CVE-2011-3524
MD5 | f391b79372c53271cbbc5a8f9ee39485
Oracle JD Edwards SawKernel Arbitrary File Read
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), and the JDESAW Kernel is configured (it is by default), then it would be possible to read any file on the system.

tags | advisory, kernel, tcp
advisories | CVE-2011-3509
MD5 | b7b9aca3d36a0b1787038a6daaaa0bf7
Oracle JD Edwards Security Kernel Remote Password Disclosure
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), and the Security Kernel is enabled and SignonSecurity is configured, then it is possible to retrieve the password of arbitrary users.

tags | advisory, arbitrary, kernel, tcp
advisories | CVE-2011-2325
MD5 | cea57f08a8dc7de69acbf242410e178d
Oracle JD Edwards JDENET Arbitrary File Write
Posted Feb 24, 2012
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".

tags | advisory, arbitrary
advisories | CVE-2011-2317
MD5 | 16933df25f958bc49d6a5320203fc259
Oracle JD Edwards JDENET USRBROADCAST Denial Of Service
Posted Apr 28, 2011
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially crafted packet is sent to the JDENet service, and access violation is raised. As the process fails to process this exception, this results in a crash that would render the system unavailable.

tags | advisory, remote
MD5 | b4d57f0f4f2e3b887d3b4be360c390b5
Oracle JD Edwards JDENET Firewall Bypass
Posted Apr 28, 2011
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially-crafted UDP packet is sent to the JDENet port, the JDENET service creates a TCP connection to the provided IP and PORT parameters. This connection could be used to access the JDENET and all ERP functionality provided through that callback connection.

tags | advisory, remote, udp, tcp
MD5 | 0f460bef9ee77b3cea3827f5005b6649
Oracle JD Edwards JDENET Buffer Overflow
Posted Apr 28, 2011
Authored by Juan Pablo Perez Etchegoyen | Site onapsis.com

Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a packet of a specific size is sent to the JDENet Service, a heap based buffer overflow condition is raised.

tags | advisory, remote, overflow
MD5 | 164b123704c9f54ab5166d0ae37e1459
Page 1 of 2
Back12Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close