4187 matches found
CVE-2013-0396
Technical details about CVE-2013-0396 are not publicly available in the provided documents; monitor for updates.
CVE-2013-0359
CVE-2013-0359 affects the APM - Application Performance Management component in Oracle Enterprise Manager Grid Control (versions 6.5, 11.1, 12.1.0.2). The vulnerability is described as unspecified with impact to confidentiality, integrity, and availability via unknown vectors related to Business ...
CVE-2013-0360
Technical details for CVE-2013-0360 are not publicly disclosed in the provided documents. Monitor for updates; no affected product/version, exploit info, vectors, or remediation are specified here.
CVE-2013-0396
Unspecified vulnerability in the Application Performance Management APM component in Oracle Enterprise Manager Grid Control 6.5, 11.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Business Transaction Management, a different vulnerability than...
Oracle Business Transaction Management Server 12.1.0.2.7 File Upload
File upload vulnerability in Oracle Business Transaction Management Server FlashTunnel Service Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
DDoS Attacks on Major US Banks Resurface
UPDATE — The group that claimed responsibility for large-scale distributed denial-of-service attacks against major U.S. banks in September and October has carried out another flurry of attacks that are still ongoing today. Izz ad-Din al-Qassam Cyber Fighters posted its latest threat on Pastebin,...
Zitmo Trojan Variant Eurograbber Beats Two-Factor Authentication to Steal Millions
Online banking customers in Europe are falling victim by the thousands to a new banking Trojan that is infecting Android and BlackBerry devices and is capable of defeating two-factor authentication. The Trojan, dubbed Eurograbber by researchers at Check Point Software Technologies and Verasafe, i...
SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Execution
This module makes use of the SXPGCALLSYSTEM Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service to execute OS commands as configured in the SM69 transaction. This module requires Metasploit: https://metasploit.com/download Current source:...
SAP SOAP RFC SXPG_COMMAND_EXECUTE
This module makes use of the SXPGCOMMANDEXECUTE Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service to execute OS commands as configured in the SM69 transaction. This module requires Metasploit: https://metasploit.com/download Current source:...
Bank Fraud Suspects Net $1M in Citibank Casino Scheme
Fourteen individuals were charged late last week after the Federal Bureau of Investigation, along with the Los Angeles Police Department and the Glendale, Calif. Police Department found they were behind a scheme that extracted more than $1 million from Citibank cash-advance kiosks in Southern...
Oracle Business Transaction Management Arbitrary File Creation
A directory traversal vulnerability has been reported in Oracle Business Transaction Management Server. The vulnerability is due to insufficient validation of user input while processing crafted SOAP requests sent to the affected service. A remote attacker can exploit this issue by sending a...
Oracle Business Transaction Management Arbitrary File Deletion
A directory traversal vulnerability has been reported in Oracle Business Transaction Management Server...
Oracle Business Transaction Management FlashTunnelService - Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle Business Transaction Managemen...
Oracle BTM FlashTunnelService Remote Code Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
Oracle Business Transaction Management FlashTunnelService Remote Code Execution
This module exploits abuses the FlashTunnelService SOAP web service on Oracle Business Transaction Management 12.1.0.7 to upload arbitrary files, without authentication, using the WriteToFile method. The same method contains a directory traversal vulnerability, which allows to upload the files to...
Mandrake Linux Security Advisory : bind (MDKSA-2001:017)
Four problems exists in all versions of ISC BIND 4.9.x prior to 4.9.8 and 8.2.x prior to 8.2.3 9.x is not affected. Version 8.2.x contains a buffer overflow in transaction signature TSIG handling code that can be exploited by an attacker to gain unauthorized privileged access to the system,...
Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability
Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...
Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability
Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...
Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability
Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...
Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability
Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...