CVE-2010-3981
https://notcve.org/view.php?id=CVE-2010-3981
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en SAP BusinessObjects Enterprise XI v3.2 permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través del campo ServiceClass de la página "Edit Service Parameters" (edición de parámetros de servicio). • http://osvdb.org/68680 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2010-3982
https://notcve.org/view.php?id=CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an "internal port scanning" issue. SAP BusinessObjects Enterprise XI 3.2 permite a atacantes remotos realizar conexiones TCP a equipos arbitrarios de la intranet en cualquier puerto, y obtener información potencialmente confidencial sobre los puertos abiertos, a través del parámetro apstoken de la URI CrystalReports/viewrpt.cwr. Relacionado con un problema de "escaneo de puertos interno". • http://osvdb.org/68681 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/62682 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2010-3983
https://notcve.org/view.php?id=CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property. CmcApp en SAP BusinessObjects Enterprise XI 3.2 permite a usuarios autenticados remotos escalar privilegios a través de vectores que involucran el "Program Job Server" (servidor de trabajos de programa) y la propiedad "Program Login" (inicio de sesión de programa). • http://osvdb.org/68682 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-3979
https://notcve.org/view.php?id=CVE-2010-3979
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote attackers to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI. Dswsbobje en SAP BusinessObjects Enterprise XI v3.2 genera mensajes de error diferentes dependiendo de si el campo Login corresponde a un nombre de usuario válido, lo que permite a usuarios remotos enumerar los nombres de cuentas de usuario a través de una SOAPAction login a la URI dswsbobje/services/session. • http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2010-0219 – Axis2 - (Authenticated) Code Execution (via REST)
https://notcve.org/view.php?id=CVE-2010-0219
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service. Axis2 de Apache, tal y como es usado en dswsbobje.war en SAP BusinessObjects Enterprise XI versión 3.2, CA ARCserve D2D r15 y otros productos, tiene una contraseña por defecto de axis2 para la cuenta de administrador, lo que facilita a los atacantes remotos ejecutar código arbitrario mediante la carga de un servicio web especialmente diseñado. • https://www.exploit-db.com/exploits/16312 https://www.exploit-db.com/exploits/16315 https://www.exploit-db.com/exploits/15869 https://github.com/veritas-rt/CVE-2010-0219 http://retrogod.altervista.org/9sg_ca_d2d.html http://secunia.com/advisories/41799 http://secunia.com/advisories/42763 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf http://www.exploit-db.com/exploits/15869 http://www.kb.cert.org/vuls/id/989719 http://www.osvd • CWE-255: Credentials Management Errors •