CVE-2012-2612 – SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-2612
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. La función de DiagTraceHex en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver 7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de un elaborado paquete SAP Diag. • https://www.exploit-db.com/exploits/20705 https://www.exploit-db.com/exploits/18853 http://scn.sap.com/docs/DOC-8218 http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities http://www.securitytracker.com/id?1027052 https://exchange.xforce.ibmcloud.com/vulnerabilities/75452 https://service.sap.com/sap/support/notes/1687910 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-2611 – SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-2611
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet. La función DiagTraceR3Info en el procesador Dialog en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el Dispatcher en SAP NetWeaver v7.0 EHP1 y EHP2, cuando está activada una configuración concreta de Developer Trace, permite a atacantes remotos ejecutar código a través de un paquete SAP Diag manipulado. • https://www.exploit-db.com/exploits/20705 https://www.exploit-db.com/exploits/18853 https://www.exploit-db.com/exploits/21034 http://scn.sap.com/docs/DOC-8218 http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities http://www.securitytracker.com/id?1027052 https://service.sap.com/sap/support/notes/1687910 • CWE-20: Improper Input Validation •
CVE-2012-2511 – SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-2511
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. La función de DiagTraceAtoms en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver v7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de un paquete diseñado SAP Diag. • https://www.exploit-db.com/exploits/20705 https://www.exploit-db.com/exploits/18853 http://scn.sap.com/docs/DOC-8218 http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities http://www.securitytracker.com/id?1027052 https://exchange.xforce.ibmcloud.com/vulnerabilities/75453 https://service.sap.com/sap/support/notes/1687910 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-2512 – SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-2512
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. La función DiagTraceStreamI en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el Dispatcher en SAP NetWeaver v7.0 EHP1 EHP2 permite a atacantes remotos causar una denegación de servicio (caída del servicio) mediante un paquete SAP Diag manipulado. • https://www.exploit-db.com/exploits/20705 https://www.exploit-db.com/exploits/18853 http://scn.sap.com/docs/DOC-8218 http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities http://www.securitytracker.com/id?1027052 https://exchange.xforce.ibmcloud.com/vulnerabilities/75454 https://service.sap.com/sap/support/notes/1687910 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-2513 – SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-2513
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. La función de Diaginput en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver v7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de un paquete diseñado SAP Diag. • https://www.exploit-db.com/exploits/20705 https://www.exploit-db.com/exploits/18853 http://scn.sap.com/docs/DOC-8218 http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities http://www.securitytracker.com/id?1027052 https://exchange.xforce.ibmcloud.com/vulnerabilities/75455 https://service.sap.com/sap/support/notes/1687910 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •