Mariano Nuñez Di Croce

Name of the Vulnerable Software and Affected Versions: SAP RFC Library versions 6.40 and 7.00 before 20061211 Description: The issue allows remote attackers to obtain sensitive information, specifically external RFC server configuration data, via unspecified vectors. Recommendations: For SAP RFC Library versions 6.40 and 7.00 before 20061211, update to a version released after 20061211 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: SAP RFC Library versions 6.40 and 7.00 before 20061211 Description: A buffer overflow issue exists in the SYSTEM CREATE INSTANCE function, allowing remote attackers to execute arbitrary code. The issue is related to unspecified vectors. Recommendations: For SAP RFC Library versions 6.40 and 7.00 before 20061211, consider disabling the SYSTEM CREATE INSTANCE function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: SAP RFC Library versions 6.40 and 7.00 before 20061211 Description: A buffer overflow issue exists in the RFC START PROGRAM function, allowing remote attackers to execute arbitrary code. The issue is based on a vague initial disclosure, and further details will be updated in the future. Recommendations: For SAP RFC Library versions 6.40 and 7.00 before 20061211, consider applying a patch or update after the grace period has ended to address the buffer overflow issue in the RFC START PROGRAM function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request. NOTE: This information is based upon an initial disclosure. Details will be updated after the grace period has ended. This issue is different from CVE-2006-4133 and CVE-2006-4134.

**Name of the Vulnerable Software and Affected Versions** SAP Internet Graphics Service (IGS) versions 6.40 Patchlevel 15 and earlier SAP Internet Graphics Service (IGS) versions 7.00 Patchlevel 3 and earlier **Description** The issue allows remote attackers to cause a denial of service, obtain sensitive information, and conduct unauthorized activities, related to undocumented features. **Recommendations** For SAP Internet Graphics Service (IGS) versions 6.40 Patchlevel 15 and earlier, update to a version later than Patchlevel 15. For SAP Internet Graphics Service (IGS) versions 7.00 Patchlevel 3 and earlier, update to a version later than Patchlevel 3.

**Name of the Vulnerable Software and Affected Versions** SAP Internet Graphics Service (IGS) versions 6.40 and earlier SAP Internet Graphics Service (IGS) versions 7.00 and earlier **Description** The issue allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request with an ADM:GETLOGFILE command and a long `portwatcher` argument. This triggers the overflow during error message construction when the ` snprintf` function returns a negative value that is used in a `memcpy` operation. **Recommendations** For SAP Internet Graphics Service (IGS) versions 6.40 and earlier, update to a version later than 6.40 to resolve the issue. For SAP Internet Graphics Service (IGS) versions 7.00 and earlier, update to a version later than 7.00 to resolve the issue. As a temporary workaround, consider restricting access to the HTTP request with the ADM:GETLOGFILE command to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nikto versions 1.35 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header. This injected content is directly inserted into an HTML report. **Recommendations** For Nikto versions 1.35 and earlier, as a temporary workaround, consider disabling the generation of HTML reports until a patch is available. Restrict access to the Server field in HTTP response headers to minimize the risk of exploitation. Avoid using the affected Nikto versions for scanning until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** N-Stealth Commercial Edition versions prior to 5.8.0.38 N-Stealth Free Edition versions prior to 5.8.1.03 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `Server` field in an HTTP response header. This injected content is directly inserted into an HTML report, potentially leading to the execution of malicious scripts. **Recommendations** For N-Stealth Commercial Edition versions prior to 5.8.0.38, update to version 5.8.0.38 or later. For N-Stealth Free Edition versions prior to 5.8.1.03, update to version 5.8.1.03 or later.

**Name of the Vulnerable Software and Affected Versions** PHPMailer versions 1.7.2 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in an infinite loop that consumes memory and CPU. This is achieved by exploiting the Data function in the class.smtp.php file. **Recommendations** For PHPMailer versions 1.7.2 and earlier, update to a version later than 1.7.2 to resolve the issue.