SAP TREX version 7.10 revision 63 suffers from a remote command execution vulnerability.
0819be6c462080645727510772e93d336c75a8827da0a93033522577a8a61c8cSAP TREX version 7.10 revision 63 suffers from a TNS information disclosure vulnerability in NameServer.
7b9adee861d5e668126c4a179eb39eaad2ab92fa481b23b056ff2cb62d5297a1SAP TREX 7.10 revision 63 suffers from an arbitrary file write vulnerability.
5a99e7f7eae9d9a3066219049450db19d95da02530af7b6a5e101a1da4c7ddffSAP TREX 7.10 revision 63 suffers from a remote file read vulnerability.
e3509536f1ca1b383605ab1ab9d476c85a741c1fa9c35209743c2a2e449c5690SAP TREX 7.10 revision 63 suffers from a remote directory traversal vulnerability.
ba4abc7db7d764d9cf3ca72412bc129f86fb9296f37112f744602a22fb11e0cfSAP TREX 7.10 revision 63 suffers from a remote command execution vulnerability.
57335d49d9f144bf86626dce42926f6e8d20c20f3641c7437a2982b8a8a46953SAP HANA DB version 1.00.091.00.1418659308 suffers from a password disclosure vulnerability.
20d119aebb419f9c23fcacb993de3aea0f03fe535415bd530f18ffac68545a77Due to a flaw in SAP HANA DB version 1.00.73.00.389160, a remote unauthenticated attacker could read remote logs containing technical information about the system which could help to facilitate further attacks against the system.
fd289a49117a0a823798ba0eed96cdc41815b67bc8c0a02046f5482b8e5ad75bUsing the multiple methods available in the TrexNet protocol, a remote unauthenticated attacker could execute arbitrary operating system commands, python modules, read, write and delete files and directories, read environment information and also completely shut down the SAP HANA instance. The attacker could also send TMS queries to the NameSever component, which could allow him to retrieve technical information of the remote system such as configuration files. SAP HANA Database versions 1.00 SPS10 and below are affected.
e4cccb6ea9d715363678d97b705a3ed4cfae92d173b1157c598542160cec7a0eOnapsis Security Advisory - By exploiting a search token privilege escalation vulnerability, a remote and potentially unauthenticated attacker would be able to access or modify any information stored on the SAP BusineesObjects server. The attacker could also connect to the business systems depending on the configuration of the BO infrastructure. BusinessObjects Edge version 4.1 is affected.
572684cdc3bc2a7bd551c52105bd0203238dbe5954d6313dd9841c6c341fed6bOnapsis Security Advisory - A remote unauthenticated attacker might be able to modify technical information about SAP systems potentially leading to a full compromise of all business information due to an SLD information tampering vulnerability.
38205de30d7077e9d7a6e240e956ac54d8c2700272a5830b5e2fc4a702ab4895Onapsis Security Advisory - Abuse of the SAP SMD agent unauthenticated interface will allow a remote attacker to install an arbitrary application and achieve a full compromise of the SMD agent and the SAP instances installed on the server.
36b9779f3920be11724a516d2b460f2187a417205eb2607fd3dedbdb7e5e7b94Onapsis Security Advisory - The SAP CCMS agent is built as an RFC external server, exposing several RFC functions. One of these functions allows a remote unauthenticated user to execute arbitrary commands which are executed with SIDADM privileges (the highest possible in the SAP world).
dd361885dbd5c02f12bfddbe6e1861c6ae6081f3fcfc5fdbadf9827a88d812e1Onapsis Security Advisory - By exploiting an arbitrary file access vulnerability in the SAP J2EE Core Services, a remote unauthenticated attacker may be able to compromise the entire ERP system.
da3f2ea2375b491dc09f2e39744d27613ea5e3233a1d79d58c43b34842597e24Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), then it would be possible to validate arbitrary (USER, ROLE, ENVIRONMENT) tuples, in order to detect valid ones.
bd2dcc460f9817265732bc0808e8543eaac886463c0594e24bd5fce15ec0bc80Onapsis Security Advisory - If a specially crafted message is sent to the JDENET service (specifically to the SAW Kernel), a user can remotely change the JDE.INI configuration file. This situation might help the attacker to perform complex attacks that would lead in a full compromise of the system.
828b3a567c457e25def81aed87d84c454dc26926bd2577c4e6994f3c298a3a9dOnapsis Security Advisory - If a message containing packets of a specific size is sent to the JDENET service, a Denial of service condition is triggered, because the kernel in charge of dispatching those packets uses all the available CPU time.
e078711b599b4ca14519d9a0815063149df5877baf8bdefeb3da7bcb1a95522eOnapsis Security Advisory - Several ways to gather information exist in the JDENET service. Sending specific types of messages, it is possible to access technical information about the system's configuration.
a6dfb3a6559dfc645d1303f9b5a6826e4fa6b4bbc4a75ebc31faef54217250c8Onapsis Security Advisory - If a specially crafted message is sent to the JDENET service (specifically to the SAW Kernel), a user can remotely retrieve data from the JDE.INI configuration FILE. This information includes password for database connection and configuration of node password for authentication tokens.
90f2ce75b9c8f2dc58f994c02fbf3ab323d56248d40faf948d178fd4350492a4Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), and the JDESAW Kernel is configured (it is by default), then it would be possible to read any file on the system.
8830e58431e4e54de8e064e5cd249e16908cd8f778228632a25fa840fdf16e20Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), and the Security Kernel is enabled and SignonSecurity is configured, then it is possible to retrieve the password of arbitrary users.
ca8b740898e9808b2377e7e6e742f24a9adcdee6596d83dbff27ba20b10ae606Onapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".
110da071d60499fa9e34debb38e6a7404f1d62c2405feaa405c2015812db0a2eOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially crafted packet is sent to the JDENet service, and access violation is raised. As the process fails to process this exception, this results in a crash that would render the system unavailable.
fb00b7dfd1a4bfaaa317b021b77e77953255278969e2ee8cefab09d76246d5dfOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially-crafted UDP packet is sent to the JDENet port, the JDENET service creates a TCP connection to the provided IP and PORT parameters. This connection could be used to access the JDENET and all ERP functionality provided through that callback connection.
0c98a162b3edfa493fb0a51d4bc92e4a10f6c96764005f2ec2eaeeb63450c32eOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a packet of a specific size is sent to the JDENet Service, a heap based buffer overflow condition is raised.
76921f4b4c1e91a19323ad91b682d4affa71e1a792efd459b4fefd21fe6aa43e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed