Oracle E-Business Suite 12.2.3 SQL Injection

Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Dmitry Chastuhin ERPScan Description 1. ADVISORY...

Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE (CVE-2017-0561)

详细分析：https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Posted by Gal Beniamini, Project Zero It's a well understood fact that platform security is an integral part of the security of complex systems. For mobile devices, this statement rings even truer; modern...

Introducing RubySMB: The Protocol Library Nobody Else Wanted To Write

The Server Message Block SMB protocol family is arguably one of the most important network protocols to be conversant in as a security professional. It carries the capability for File and Print Sharing, remote process execution, and an entire system of Named Pipes that serve as access points to a...

For the Node. js in the node-serialize module deserialization vulnerability the subsequent analysis-vulnerability warning-the black bar safety net

Of the Node. js serialization remote command execution vulnerabilities of a number of follow-up found and how to develop the attack load. A few days ago I was in opsecx blog found an article How to use a named node-serialize nodejs module in the RCE remote code execution error blog. The article...

ipsec-tools -- remotely exploitable computational-complexity attack

Robert Foggia via NetBSD GNATS reports: The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly...

SAP NetWeaver AS Java 7.5 XXE in com.sap.km.cm.ice

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2387249 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE...

drchrono: Bypass password complexity requirements on passsword reset page

Hi, the 'password reset' feature doesn't implement the password complexity requirements the site enforces when first signing up. Because of this issue, I was able to set my password to '1', bypassing the 8 character rule, and the rule which requires me to add a number and a special character to m...

Uber: User credentials are not strong on vault.uber.com

I was just trying to login vault.uber.com I entered email xx and password xx, I got loggedin to someones account. I entered email zz and password zz, I got loggedin to someones account. It means passowrd complexity and length of username/email is not enforced. This allowed my to access the someon...

Easy Hosting Control Panel 0.37.9 Bypass / File Upload / Disclosure

EHCP Easy Hosting Control Panel Multiple Vulnerabilities - Clear Text MySQL Root Password Insufficiently Protected Sensitive Data Authentication Bypass Unauthenticated Arbitrary File Upload Software Links: https://launchpad.net/ehcp http://www.ehcp.net https://sourceforge.net/p/ehcp/wiki/...

Why shellcode analysis is difficult-vulnerability warning-the black bar safety net

Shellcode should be safe the areas of the core one of the things. toc We discuss the common shellcode analysis of the difficulty. shellcode is too full of imagination, itself the exploit is very imaginative, the use way is also very imaginative. Get additional resources Many of the shellcode is...

openSUSE Security Update : ecryptfs-utils (openSUSE-2016-119)

This update for ecryptfs-utils fixes the following issues : - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks bsc920160 This update was imported fr...

SUSE-SU-2016:0290-1 Security update for ecryptfs-utils

This update for ecryptfs-utils fixes the following issues: - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks bsc920160...

SAP Hostcontrol remote DOS

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.0 – 7.5 Vendor URL: SAP Bug: DoS Reported: 01.11.2016 Vendor response: 02.11.2016 Date of Public Advisory: 13.06.2017 Reference: SAP Security Note 2389181 Authors: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: D...

Siemens SIMATIC Communication Processor Vulnerability (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...

[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability

ADVISORY INFORMATION Title: Oracle E-Business Suite SQL injection Advisory ID: ERPSCAN-15-026 Advisory URL: http://erpscan.com/advisories/erpscan-15-026-oracle-e-business-suite-sql-injection-vulnerability/ Date published: 20.10.2015 Vendors contacted: Oracle 2. VULNERABILITY INFORMATION Class:...

Perl Email-Address Module Denial of Service Vulnerability

Perl is a cross-platform programming language and Email-Address is one of the email address modules. An algorithmic complexity vulnerability in the Address.pm file of Perl Email-Address allows remote attackers to submit special strings for denial of service attacks...

CVE-2015-7686

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service CPU consumption via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associat...

Oracle: Security Advisory (ELSA-2013-1441)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-7686

CVE-2015-7686 is a confirmed algorithmic complexity DoS in the perl-Email-Address package’s Address.pm (v1.908 and earlier). It allows remote denial of service via a crafted string of email addresses with nested comments; default config mitigates some cases but parsing can still misbehave. Public...

SAP HANA - log injection and no size restriction

Application: SAP HANA Versions Affected: SAP HANA Vendor URL: http://www.sap.com Bugs: Log injection Reported: 28.09.2015 Vendor response: 29.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2241978 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: Log injectio...