35 matches found
CVE-2019-25695
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...
EUVD-2002-1559
Malware in sbrugna...
EUVD-2001-0363
Malware in sbrugna...
EUVD-2003-1025
Malware in sbrugna...
EUVD-2002-1558
Malware in sbrugna...
EUVD-2019-1084
Malware in sbrugna...
EUVD-2018-14291
Malware in sbrugna...
CVE-2019-0311
Automotive Dealer Portal in SAP R/3 Enterprise Application versions: 600, 602, 603, 604, 605, 606, 616, 617 does not sufficiently encode user-controlled inputs; this makes it possible for an attacker to send unwanted scripts to the browser of the victim using unwanted input and execute malicious...
Cross site scripting
Automotive Dealer Portal in SAP R/3 Enterprise Application versions: 600, 602, 603, 604, 605, 606, 616, 617 does not sufficiently encode user-controlled inputs; this makes it possible for an attacker to send unwanted scripts to the browser of the victim using unwanted input and execute malicious...
CVE-2019-0311
Summary: CVE-2019-0311 affects SAP R/3 Enterprise Application’s Automotive Dealer Portal (versions 600–617). It arises from insufficient encoding of user-controlled inputs, enabling Cross-Site Scripting (XSS) where an attacker’s input can execute scripts in a victim’s browser. Affected component:...
CVE-2018-2436
Executing transaction WRCK in SAP R/3 Enterprise Retail EHP6 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges...
CVE-2018-2436
CVE-2018-2436 affects SAP R/3 Enterprise Retail (EHP6): an authenticated user can escalate privileges due to missing authorization checks on transaction WRCK. Impact described as privilege escalation with high CVSS3 score (8.8) and notable network exposure. Documented references point to SAP Note...
Cain & Abel v4.9.43 Released
Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing passwor...
CYBSEC Release: SAP Security - Paper & Tool release
I am proud to announce the release of a White-paper and an open-source tool, both addressing security of SAP R/3 systems. The paper describes vulnerabilities discovered in the SAP RFC interface implementation and library, as well as some attacks that can be performed over SAP systems. The tool,...
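SAP Internet Graphics Server Remote Buffer Overflow Vulnerability
SAP Internet Graphics Server is a component of the SAP R/3 enterprise environment that provides graphics services. SAP Internet Graphics Server does not correctly handle user-submitted HTTP requests; a remote attacker can exploit the vulnerability to carry out a buffer overflow attack and possibly execute arbitrary instructions with the privileges of the process. No detailed vulnerability information is currently available; successful exploitation can lead to SAP system administrator privileges on UNIX systems and SYSTEM privileges on Windows. SAP Internet Graphics Server 6.40 Patch 11 SAP Internet Graphics Server 6.40 SAP Internet...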
r3mote_unix_UDPexec.pl.txt
!/usr/bin/perl -w use IO::Socket; Unix version of the FX SAP R/3 gwrd vuln. We partially control a call to excve made by lnaxdm/sapsys Easily exploitable with local access Could be done remotely under some conditions 2003, FX of Phenoelit Win32 original code 2005, Nicob Unix version $|=1; die "Gi...
r3mote_win_UDPexec.pl.txt
!/usr/bin/perl -w use IO::Socket; Executes the command given as first argument as a child process of gwrd in Windows R/3 environments. Request packet may not contain space character 0x20. The command interpreter must obviously be modified for other UNIX environments. 2003, FX of Phenoelit $|=1;...
SAP R/3 Internet Graphics Server directory traversal
Directory traversal on accessing htdocs folder...