Penetration Testing Mode:
(Page 1 of 637)  1 2 3 4 5 6 7 8 9 10 11  Next >
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE

Application: SAP Mobile Platform 2.3
Versions Affected: SAP Mobile Platform 2.3, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.14
Repor

[ more ]  [ reply ]
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console
ReadProfile Parameters - Information disclosure

Application: SAP Management Console
Versions Affected: SAP NW 7.4 Management Console, probably others
Vendor URL: http://SAP.com
Bugs: Info

[ more ]  [ reply ]
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS
in the module XeClient.Dll

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.2014
Reported:

[ more ]  [ reply ]
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-009] SAP Afaria 7 XcListener -
Missing authorization check

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Missing authorization check
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16
- DoS

Application: SYBASE SQL Anywhere 12 and 16
Versions Affected: SYBASE SQL Anywhere 12 and 16, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE

Application: SAP Mobile Platform 3.0
Versions Affected: SAP Mobile Platform 3.0, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 29.12.2014

[ more ]  [ reply ]
new firmware security blog 2015-06-10
Blibbet (blibbet gmail com)
Hi,

I've recently started a blog focusing on firmware security and firmware
development, focusing mostly on UEFI, but also on BIOS, coreboot, and
other technologies. It focuses mostly on Intel, but also covers ARM. I
focus on Linux/Android/Chrome OS/FreeBSD, but also cover some MSFT/APPL
usage.

I'

[ more ]  [ reply ]
[HITB-Announce] FINAL CALL: HITB GSEC Call for Papers 2015-06-11
Hafez Kamal (aphesz hackinthebox org)
This is the FINAL CALL to submit your offensive and defensive talk
proposals to the inaugural Hack In The Box GSEC conference in Singapore!

Call for Papers: http://gsec.hitb.org/call-for-papers/
Event Website: http://gsec.hitb.org/sg2015/

HITB GSEC is a three-day security conference limited to 111

[ more ]  [ reply ]
t2'15: Call for Papers 2015 (Helsinki / Finland) 2015-06-01
Tomi Tuominen (tomi tuominen t2 fi)
#
# t2'15 - Call For Papers (Helsinki, Finland) - October 29 - 30, 2015
#

Why spend your valuable conference time in the longest lines you have seen in your life, getting a sun burn or totally lost in the canals with your rental boat, being deprived of chewing gum or waking up in Nong Palai without

[ more ]  [ reply ]
hardwear.io - Hardware Security Conference Call for Papers 2015-05-29
Hardwear Team (hw hardwear io)
Dear Hackers and Security Gurus,

hardwear is seeking innovative research on hardware security. If you
have done interesting research on attacks or mitigation on any
Hardware and want to showcase it to the security community, just
submit your research paper. Please find all the relevant details for

[ more ]  [ reply ]
c0c0n 2015 | The cy0ps c0n - CFP & CFW - Extended Deadline: 14 June, 2015 2015-06-01
c0c0n International Information Security Conference (c0c0n is-ra org)
c0c0n 2015 | The cy0ps c0n - CFP & CFW - Extended Deadline: 14 June, 2015

Thanks to everyone for all the paper submissions. The CFP Review Committee
will be evaluating the same for selection. Based on the requests received,
we are extending the CFP deadline to June 14, 2015 in the hope of receivin

[ more ]  [ reply ]
[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability 2015-05-27
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security AdvisoryONAPSIS-2015-007: SAP HANA Log Injection
Vulnerability

1. Impact on Business
=====================

Under certain conditions the SAP HANA XS engine is vulnerable to
arbitrary log
injection, allowing remote authenticated attack

[ more ]  [ reply ]
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement 2015-05-27
Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-006: SAP HANA Information
Disclosure via SQL IMPORT FROM statement

1. Impact on Business
=====================

Under certain conditions some SAP HANA Database commands could be
abused by a remote authenticated a

[ more ]  [ reply ]
[HITB-Announce] REMINDER: Call for Papers for HITB GSEC 2015-05-25
Hafez Kamal (aphesz hackinthebox org)
REMINDER: The Call for Papers for the inaugural Hack In The Box GSEC
conference in Singapore is closing on the 31st of May.

Call for Papers: http://gsec.hitb.org/call-for-papers/
Event Website: http://gsec.hitb.org/sg2015/

HITB GSEC is a three-day security conference limited to 111 attendees
who v

[ more ]  [ reply ]
Breakpoint 2015 Call For Presentations 2015-05-17
cfp ruxcon org au
Breakpoint 2015 Call For Papers
Melbourne, Australia, October 22th-23th
Intercontinental Rialto
http://www.ruxconbreakpoint.com

.[x]. Introduction .[x].

We are pleased to announce Call For Presentations for Breakpoint 2015.

Breakpoint showcases the work of expert security researchers from arou

[ more ]  [ reply ]
44CON London CFP Open 2015-05-13
Steve (steve 44con com)
44CON London is the UK's largest combined annual Security Conference and Training event. Taking place on the evening of the 9th and all day on the 10th and 11th of September at the ILEC Conference Centre near Earls Court, London, we will have a fully dedicated conference facility, including secure w

[ more ]  [ reply ]
Arachni Framework v1.1 & WebUI v0.5.7 have been released (Web Application Security Scanner) 2015-05-01
Tasos Laskos (tasos laskos gmail com)
Hey folks,

There's a new version of Arachni, an Open Source, modular and high-performance
Web Application Security Scanner Framework.

The highlights of this release are:

* More sensible default options.
* Approximately 7-fold performance increase (YMMV depending on webapp characteristics).
* Supp

[ more ]  [ reply ]
Ruxcon 2015 Call For Presentations 2015-04-13
cfp ruxcon org au
Ruxcon 2015 Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre

http://www.ruxcon.org.au

The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.

This year the conference will take place over the weekend of the 24th and 25th of Oc

[ more ]  [ reply ]
Positive Hack Days V ? Call for Papers Stage 2 2015-02-25
Alexander Lashkov (ALashkov ptsecurity com)
Every night when we go to sleep we have a chance to wake up in another
universe. At any time, the expanding to infinity universe may turn back
and then rush to the start point. Or maybe finish point. Back to
singularity.

The cyber universe has plunged into turmoil. Cyber criminals and special
agenc

[ more ]  [ reply ]
SpiderFoot 2.3.0 released 2015-02-12
Steve Micallef (steve binarypool com)
Hi all,

SpiderFoot 2.3.0 is now available, and includes a ton of new
functionality since 2.1.4 was last announced here. SpiderFoot is an open
source intelligence gathering / reconnaissance tool utilising over 40
data sources and methods, all driven through a snappy web UI.

Here's what's new sin

[ more ]  [ reply ]
Recon 2015 Call For Papers - June 19 - 21, 2015 - Montreal, Canada 2015-01-08
cfp2015 recon cx
+ + + +
+ + +
+ +
\ /
+ _ - _+_ - ,__

[ more ]  [ reply ]
[HITB-Announce] #HITB2015AMS Call for Papers is Open 2014-12-09
Hafez Kamal (aphesz hackinthebox org)
Happy December everyone - It's that time of the year again when we ask
you to submit your latest and greatest research papers for HITB Security
Conference in Amsterdam! Our 6th annual event in The Netherlands takes
place at the Beurs van Berlage from the 26th - 29th of May 2014.

Event Website: http

[ more ]  [ reply ]
t2â??14 Challenge to be released 2014-09-13 10:00 EEST 2014-09-07
Tomi Tuominen (tomi tuominen t2 fi)
Running assets is always difficult, however this year has been excruciating for t2 infosec. We lost one of our most prized and well placed deep cover operatives in a foreign three letter agency. Shortly after the CFP, communications stopped and we have to assume her new assignment is a permanent pla

[ more ]  [ reply ]
[Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication 2014-07-29
Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory 2014-021: SAP HANA XS Missing encryption in
form-based authentication

This advisory can be downloaded in PDF format from
http://www.onapsis.com/.

By downloading this advisory from the Onapsis Resource Center, you will
gain ac

[ more ]  [ reply ]
(Page 1 of 637)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus