SAPCRYPTOLIB version 5.555.38 suffers from a missing signature check in its DSA algorithm.
c57e938e01fd374e72b21d0aa73cc8d0c2ca106f33d2addda4e763f24c2e5a95JD Edwards 9.1 EnterpriseOne Server suffers from a JDENET function denial of service vulnerability.
889f5e3dd07c7308e8658794c8da5c0f5284acb131eb8f9f9a5633ddc0a01a18Unauthenticated attackers could create users in the JD Edwards 9.1 EnterpriseOne Server Manager, ultimately compromising the whole JDE landscape hence all of its information and processes.
ca565817d3ce7b6ada51f79927008a327710729db5d5e96af07939a94de5a0bdJD Edwards 9.1 EnterpriseOne Server suffers from a password disclosure vulnerability in JDENET.
4f1e778e88e221bb4ce3c6afa9a34ba2a2c2b9ca7fc096f5c96232f9c74fe045JD Edwards 9.1 EnterpriseOne Server suffers from a JDENET function denial of service vulnerability.
c8d127427c2da707a52dde5b0e9cf0feca87adcede5955d36f02c566422d65b7JD Edwards 9.1 EnterpriseOne Server suffers from a shutdown vulnerability.
f554646aa3f6dfa37e5cf970dfccc59f2a82098df1f7e66dec5919c9d1c7de0dJD Edwards 9.1 EnterpriseOne Server suffers from a password disclosure vulnerability.
f62b06ca46ce6a950bf75e81bcd7d1a68c1c5faa0828341fcfd2c92b0be3d0e8SAP HANA version 1.00.091.00.1418659308 suffers from a get topology information disclosure vulnerability.
e75c9fed09b354564d28969a1389e8b9410fd2173c6b155ffb2381ac96e43e93Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in getSqlTraceConfiguration function. By exploiting this vulnerability an attacker could read sensitive business information stored in the HANA system and change configuration parameters which could render the system unavailable for other users.
eb43d022e8fddd6eecbc5626bd6c632f0e9e075f3e94ea6552a956f95eaf9793The SAP Mobile Platform 3.0 SP5 has an API called DataVault, which is used to securely store data on mobile devices. The SAP DataVault has a special mechanism to generate a default set of credentials if no password/salt is supplied during the creation of the secure storage. In this mode of operation the password/salt is derived from a combination of fixed values and the VaultID belonging to the secure storage.
32913d9c0e2b94e7527b9505f766bc7240c4bd0dc83949976a4b1580dfab6d6dThe SAP Mobile Platform 3.0 SP5 has an API called DataVault, which is used to securely store data on mobile devices. The SAP DataVault uses a special password derived from well-known values to encrypt some configuration values like the count of invalid attempts to unlock a secure store. This password is a composition of a value which is available in plaintext form inside the secure store container, and a fixed value. Also, the salt used is fixed. Both values are statically defined by the SAP DataVault implementation, and do not depend neither on the installation nor on the usage of the DataVault.
ca2a1ef0f9df48466ca59b88143c1cb70baf5e0e78eae224f7995bf13e67bc92The SAP Mobile Platform 3.0 SP5 has an API called DataVault, which is used to securely store data on mobile devices. Due to an incorrect implementation of the cryptographic algorithms and parameters, it is possible to recover the keystream for the encrypted data. As a result, it is possible to recover part of the plaintext corresponding to an encrypted piece of data thus reverting the encryption process of some values inside the DataVault without needing the original secret key. Furthermore, due to the lack of cryptographic integrity mechanisms in the SAP DataVault an attacker recovering this keystream has the possibility of re-encrypting (or modifying in practical terms) with some limitations, some values previously encrypted inside the DataVault.
cd43a3f66a460ba3e471e6f03fe9bed24f562a9b22ab386dc9a02fc1929d34f9Onapsis Security Advisory - Under certain conditions, the SAP HANA XS engine is vulnerable to arbitrary log injection, allowing remote authenticated attackers to write arbitrary information in log files. This could be used to corrupt log files or add fake content misleading an administrator.
5ca7d3e9291f057648e9f6f695e85a6ed4865966ffa4228700ba29b2884a76f7Onapsis Security Advisory - SAP HANA suffers from an information disclosure vulnerability via SQL IMPORT FROM statements.
bb14e2959b52d187e9b6acc4384e410e0927c0d33b3653e304b8da39ef6615f8There is a buffer overflow in libsrtp based on how the function crypto_policy_set_from_profile_for_rtp applies the cryptographic profiles srtp_profile_aes128_cm_sha1_32/srtp_profile_aes256_cm_sha1_32 to a srtp_policy, as shown by the source code of srtp/srtp.c.
112bf3ad2eda5bcd6a0c1e1ed5ede49353a25cf04adb02ff4b6303ee26c6fef2Core Security Technologies Advisory - There is a bug in the ReadLayoutFile Windows Kernel function that can be leveraged into a local privilege escalation exploit, potentially usable in a client-side attack scenario or after a remote intrusion by other means.
ad5c6d91d11d4dcc9b8463439354e1e8142812d8ed2bc300fc637ac6cc763462Core Security Technologies Advisory ID: CORE-2003-0303 - Six vulnerabilities have been found in the Mirabilis ICQ Pro 2003a client that are both locally and remotely exploitable. Use of these allow for remote code execution and a denial of service.
0991a1824e78e4c8354e6a13a23e4dcb0744e6f23f88a6827fb82c4a80bcd380
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed