BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 34 min 36 sec ago

[ERPSCAN-16-012] SAP NetWeaver AS JAVA - directory traversal vulnerability

June 17, 2016 - 11:57am

Posted by ERPScan inc on Jun 17

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bug: Directory traversal

Sent: 29.09.2015

Reported: 29.09.2015

Vendor response: 30.09.2015

Date of Public Advisory: 08.03.2016

Reference: SAP Security Note 2234971

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: [ERPSCAN-16-012] SAP NetWeaver AS Java directory traversal vulnerability...
Categories:

[ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet - XXE vulnerability

June 17, 2016 - 11:49am

Posted by ERPScan inc on Jun 17

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bug: XXE

Sent: 20.10.2015

Reported: 21.10.2015

Vendor response: 21.10.2015

Date of Public Advisory: 08.03.2016

Reference: SAP Security Note 2235994

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: [ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet –
XXE vulnerability

Advisory...
Categories:

[ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability

June 17, 2016 - 11:41am

Posted by ERPScan inc on Jun 17

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bug: XSS

Sent: 20.10.2015

Reported: 21.10.2015

Vendor response: 21.10.2015

Date of Public Advisory: 08.03.2016

Reference: SAP Security Note 2238375

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: [ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester –
XSS vulnerability

Advisory...
Categories: