Showing 1 - 25 of 72

Files from Sh2kerr

Email address	alexandr.polyakov at dsec.ru
First Active	2007-10-23
Last Active	2011-11-17

SAP NetWeaver CTC Authentication Bypass: Posted Nov 17, 2011; Authored by Sh2kerr; SAP NetWeaver suffers from an authentication bypass vulnerability in the CTC service.; tags | advisory, bypass; SHA-256 | acd1799151dd58a8e541f3f7f81d871ec30f13688f6df45a6dc99cabf056f139; Download | Favorite | View

SAP NetWeaver SPML Cross Site Request Forgery: Posted Nov 17, 2011; Authored by Sh2kerr; The SAP NetWeaver SPML service suffers from a cross site request forgery vulnerability.; tags | advisory, csrf; SHA-256 | 322ab3a2b0d5f55c5b57691f980918122aa961043519cd3ac848bdaa88e9ca1b; Download | Favorite | View

SAP NetWeaver BW Doc Cross Site Scripting: Posted Nov 17, 2011; Authored by Sh2kerr, Dmitriy Chastuchin; SAP NetWeaver BW DOC metadata suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 68d97d678e3c0fdb4545781101c9713cebe198b3b21c2030417b80a51a588341; Download | Favorite | View

SAP NetWeaver MI 2 Information Disclosure: Posted Nov 17, 2011; Authored by Sh2kerr; SAP NetWeaver Mobile Engine suffers from an information disclosure vulnerability that discloses version and username information.; tags | advisory, info disclosure; SHA-256 | f887bedbaf6328e9e0090370a2ef1d312367550062ad97dcd452fb137b15cb06; Download | Favorite | View

SAP NetWeaver SLD Information Disclosure: Posted Jun 28, 2011; Authored by Sh2kerr; SAP NetWeaver suffers from a version information disclosure vulnerability.; tags | advisory, info disclosure; SHA-256 | b22b17c91f8bbca4c55e92c62cfe94d4fcb66501a137984af9813c6c9627064d; Download | Favorite | View

SAP GUI DLL Hijacking: Posted Mar 16, 2011; Authored by Sh2kerr, Alexey Sintsov; SAP Front End applications (SAPGui.exe) are vulnerable to DLL hijacking attacks allowing for remote code execution.; tags | advisory, remote, code execution; SHA-256 | 28ae63b22ea645e5c51c549e98085f2be91b625a787181783ae2e6a8a3c0929e; Download | Favorite | View

SAP NetWeaver Runtime Cross Site Scripting: Posted Mar 16, 2011; Authored by Sh2kerr, Dmitriy Evdokimov; SAP NetWeaver Runtime suffers from a cross site scripting vulnerability.; tags | advisory, xss; SHA-256 | 9181483e340b92a0eba8cbdc85b2d7b41fe702b11953196d7adeec92089118b9; Download | Favorite | View

SAP NetWeaver Integration Directory Cross Site Scripting: Posted Mar 16, 2011; Authored by Sh2kerr, Dmitriy Evdokimov; Multiple cross site scripting vulnerabilities have been discovered in the SAP NetWeaver Integration Directory.; tags | advisory, vulnerability, xss; SHA-256 | 6c1f10b4919499bf8e2eb3a38ba5b4c505670c59ce701c4a2769af93a5d72d82; Download | Favorite | View

SAP Crystal Reports 2008 Cross Site Scripting: Posted Mar 16, 2011; Authored by Sh2kerr, Dmitry Chastuhin; Multiple cross site scripting vulnerabilities have been discovered in the PerformanceManagement application module in SAP Crystal Reports Server 2008.; tags | exploit, vulnerability, xss; SHA-256 | 51f030365393b65a3456ecb53c5f5e39b1847584605dc54abbe2141bcba154a8; Download | Favorite | View

Forgotten World - Corporate Business Application Systems: Posted Feb 18, 2011; Authored by Val Smith, Sh2kerr; Whitepaper called Forgotten World - Corporate Business Application Systems. This paper will describe some basic and advanced threats and attacks on Enterprise Business Applications – the core of many companies. Both the paper and Blackhat DC presentation are included in this archive.; tags | paper; systems | linux; SHA-256 | 2e70cc9c883bdf948194b3801a4b9fe5f07f8e73912c291bd5c5b643e993e4a6; Download | Favorite | View

Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow: Posted Jan 26, 2011; Authored by Sh2kerr | Site dsecrg.com; Oracle Document Capture version 10.1.3.5 suffers from buffer overflow and insecure method vulnerabilities.; tags | exploit, overflow, vulnerability; advisories | CVE-2010-3599; SHA-256 | d8de28a03cf63e8eb852fd978524155069a598269f9adfa1fc15fb5c2f8912fa; Download | Favorite | View

Oracle Document Capture Actbar2.ocx Insecure Method: Posted Jan 25, 2011; Authored by Sh2kerr, Dmitriy Evdokimov | Site dsecrg.com; Oracle Document Capture suffers from an insecure method vulnerability in Actbar2.ocx.; tags | exploit; advisories | CVE-2010-3591; SHA-256 | 03b34491ba00cddad42d1df6075c24902828638e56eeebc8ded920c1e03e8609; Download | Favorite | View

SAP Crystal Report Server 2008 Active-X Insecure Methods: Posted Jan 25, 2011; Authored by Sh2kerr, Dmitry Chastuhin | Site dsecrg.com; Insecure practices where found in the library scriptinghelpers.dll from SAP Crystal Report Server 2008. An attacker could construct a html-page containing a call insecure functions.; tags | advisory; SHA-256 | 29926d9586641116eb339bef4f9eb33eae55dfcd24cd7eb87a02a1fbbd8d02b7; Download | Favorite | View

SAP Crystal Report Server 2008 Directory Traversal: Posted Jan 25, 2011; Authored by Sh2kerr, Dmitry Chastuhin | Site dsecrg.com; SAP Crystal Report Server 2008 suffers from a directory traversal vulnerability.; tags | exploit; SHA-256 | 5bebb637d7e51e2a0d9d84df5f7b28a6a33af536f8f0ea29e3bf80b431a7af0a; Download | Favorite | View

SAP Crystal Report Server 2008 Cross Site Scripting: Posted Jan 25, 2011; Authored by Sh2kerr, Dmitry Chastuhin | Site dsecrg.com; SAP Crystal Report Server 2008 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 5bb33dcb865e51328736f78871bcaf01a2e663aac535fd2aa2d1af81cdfe13cd; Download | Favorite | View

Progress OpenEdge Enterprise RDBMS 10.2A Bypass: Posted Jan 25, 2011; Authored by Sh2kerr, Alexey Sintsov, Alexey Troshichev | Site dsecrg.com; Progress OpenEdge Enterprise RDBMS version 10.2A has some vulnerabilities that make it possible to enumerate UserID and bypass authentication.; tags | advisory, vulnerability; SHA-256 | 94f3ea7ac21edb9e58b5237ff7c2a7826e37b408dbacdbff22fb5468c6bdec38; Download | Favorite | View

Oracle Document Capture empop3.dll Insecure Methods: Posted Jan 25, 2011; Authored by Sh2kerr, Dmitriy Evdokimov | Site dsecrg.com; Oracle Document Capture contains ActiveX components that contains insecure methods in empop3.dll.; tags | exploit, activex; advisories | CVE-2010-3591; SHA-256 | d17d07c5e57b563c011ed3d0796b9e0b84d6136526dcd7ca890a49dc34f3c55b; Download | Favorite | View

Oracle Document Capture Insecure READ Method: Posted Jan 25, 2011; Authored by Sh2kerr, Alexey Sintsov | Site dsecrg.com; EasyMail ActiveX Control (emsmtp.dll) that included into Oracle Document Capture distrib can be used to read any file in target system. The vulnerable method is "ImportBodyText()".; tags | exploit, activex; advisories | CVE-2010-3595; SHA-256 | e0290533ffa0e0be9cb707947d2fe37461961f3b2e54f7eb0baa68b865261ae8; Download | Favorite | View

SAP NetWeaver 7.0 Denial Of Service: Posted Nov 18, 2010; Authored by Sh2kerr | Site dsecrg.com; SAP NetWeaver version 7.0 suffers from a denial of service vulnerability in the Metamodel Repository.; tags | advisory, denial of service; SHA-256 | 5e2e562201a583c2c83faeee154e85b823b0642aff4fe38ac6116e1056d89383; Download | Favorite | View

SAP NetWeaver Administrator Panel ECC 6.0 Cross Site Scripting: Posted Nov 17, 2010; Authored by Sh2kerr, Alexey Troshichev | Site dsecrg.com; The SAP NetWeaver administrator panel from ECC version 6.0 suffers from cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 3d805721f30788cc734b4cca6025ed61f899f4240facd6d677bd99feb4a472b9; Download | Favorite | View

Oracle BPEL Console 10.1.3.3.0 Cross Site Scripting: Posted Oct 28, 2010; Authored by Sh2kerr | Site dsecrg.com; Oracle BPEL Console version 10.1.3.3.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2010-3581; SHA-256 | 8b80837fd9c12c060f51e80f3ef5cf3cb1543ef6936db9fd039e3765f60d152d; Download | Favorite | View

Oracle BI Publisher HTTP Response Splitting: Posted Oct 28, 2010; Authored by Sh2kerr | Site dsecrg.com; Oracle BI Publisher suffers from a HTTP response splitting vulnerability.; tags | exploit, web; SHA-256 | a16b4a5d2e42764c015a89ca8d14b3e7d1594fc9ccef544177abbde6f3759df3; Download | Favorite | View

SAP NetWeaver SLD 6.4 - 7.02 Cross Site Scripting: Posted Jul 23, 2010; Authored by Sh2kerr, Alexey Troshichev | Site dsecrg.com; SAP NetWeaver SLD versions 6.4 through 7.02 suffer from multiple cross site scripting vulnerabilities.; tags | advisory, vulnerability, xss; SHA-256 | 8b641e06e58f7c35d9140a710b83cde908ed39795c6e2eedaaa58b596a3b8385; Download | Favorite | View

SAP Netweaver 6.4 - 7.0 Cross Site Scripting: Posted Jul 23, 2010; Authored by Sh2kerr | Site dsecrg.com; SAP Netweaver versions 6.4 through 7.0 suffer from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 3a33cbd84a9db933f995cbae70e001e3a89be10e4fa30b160c720ca941a9066e; Download | Favorite | View

Symantec Antivirus Client Proxy Buffer Overflow: Posted Feb 20, 2010; Authored by Sh2kerr | Site dsecrg.com; An Active-X component in CLIproxy.dll from Symantec Antivirus Client Proxy suffers from a buffer overflow vulnerability.; tags | advisory, overflow, activex; advisories | CVE-2010-0108; SHA-256 | 01e4fed6a5192be5896fea6d73e2571c3e0946b13d52fefe04ff31a16cedd628; Download | Favorite | View

Page 1 of 3 Back 1 2 3 Next

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 65 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 7 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,819)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,239)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,968)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Files from Sh2kerr

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems