23 matches found
EUVD-2015-4184
Malware in sbrugna...
EUVD-2016-8257
Malware in sbrugna...
EUVD-2018-14323
Malware in sbrugna...
Privilege escalation
SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...
SAP Adaptive Server Enterprise (ASE) Installed (Linux)
Binary data sapasenixinstalled.nbin...
Critical SAP ASE Flaws Allow Complete Control of Databases
Researchers are urging users to apply patches for several critical vulnerabilities in SAP’s Adaptive Server Enterprise ASE. If exploited, the most severe flaws could give unprivileged users complete control of databases and – in some cases – even underlying operating systems. ASE previously known...
Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers
A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...
CVE-2020-6241
SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection...
CVE-2020-6250
SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop t...
CVE-2018-2468
Under certain conditions the backup server in SAP Adaptive Server Enterprise ASE, versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted...
Authentication flaw
Under certain conditions the backup server in SAP Adaptive Server Enterprise ASE, versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted...
Qualys Policy Compliance Notification: Policy Library Update
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendo...
SAP ASE ODATA SERVER denial of service vulnerability(CVE-2017-5371)
No description provided by source...
SAP ASE ODATA Server 16 Denial Of Service Vulnerability
SAP ASE ODATA Server version 16 suffers from a denial of service vulnerability. Application: SAP ASE Versions Affected: SAP ASE ODATA Server v16 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.10.2016...
CVE-2016-7402
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa system administrator via dbcc importsproc SQL injection...
CVE-2016-7402
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa system administrator via dbcc importsproc SQL injection...
Sql injection
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa system administrator via dbcc importsproc SQL injection...
CVE-2016-7402
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa system administrator via dbcc importsproc SQL injection...
SAP Adaptive Server Enterprise - DoS vulnerability
Application: SAP Adaptive Server Enterprise Versions Affected: SAP Adaptive Server Enterprise 16 Vendor URL: SAP Bug: Denial of Service Reported: 01.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2330839 Author: Vahgan Vardanyan ERPScan...
SAP ASE ODATA Server - Denial of Service
Application: SAP ASE Versions Affected: SAP ASE 16 Vendor URL: SAP Bugs: Denial of Service Reported: 01.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.10.2016 Reference: SAP Security Note 2330422 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: Denial of Service...