SAP® and Oracle® Security Advisories
Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.
11/09/2015
SAP HANA TrexNet Remote File Creation
By exploiting this vulnerability, an unauthenticated attacker could potentially render the system unavailable. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:
11/09/2015
SAP HANA TrexNet Remote File Deletion
Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:
11/09/2015
SAP HANA TrexNet Remote File Move
By exploiting this vulnerability, an unauthenticated attacker could relocate the information stored in the SAP HANA System to make it easily accessible. This could potentially render the system unavailable due to a non-integral file system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a…
11/09/2015
SAP HANA TrexNet Remote File Read
By exploiting this vulnerability, an unauthenticated attacker could read arbitrary business-relevant information from the SAP HANA System. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:
11/09/2015
SAP HANA TrexNet Remote File Write
By exploiting this SAP HANA vulnerability, an unauthenticated attacker could override business-relevant information in the SAP HANA System and could also render the system unavailable due to corrupted data. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By…
11/09/2015
SAP HANA TrexNet Remote Files List
By exploiting this vulnerability, an unauthenticated attacker could obtain technical information of the SAP HANA System which could help facilitate further attacks against the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain…
11/09/2015
SAP HANA EXECUTE_SEARCH_RULE_SET Stored Procedure Memory corruption
By exploiting this vulnerability, a remote authenticated attacker could render the SAP HANA Platform unavailable to other users until the next process restart. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following…
11/09/2015
SAP HANA TrexNet Remote Process Kill
By exploiting this vulnerability, an unauthenticated attacker could render the SAP HANA system completely unavailable due to system shutdown. Any business process or information hosted in the system will became automatically unavailable. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to…
11/09/2015
SAP HANA Remote Code Execution (HTTP based)
By exploiting this vulnerability, an unauthenticated attacker could completely compromise the system, and would be able to access and manage any business-relevant information or processes. This could be achieved remotely and potentially through the internet, affecting on-premise and cloud-based HANA solutions. Please fill in the following form in order to download the selected Onapsis’ resource….