SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Monthly Archives: November 2014
CVE-2014-8589
Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allows remote attackers to cause a denial of service (resource consumption) via crafted requests.
CVE-2014-8587
SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors.
CVE-2014-8592
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request.
CVE-2014-8591
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors.
CVE-2014-8590
XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request.
American Express wants to swap card numbers for tokens
American Express has launched a new service, which looks to swap payment card numbers with unique tokens, reports Network World.
The post American Express wants to swap card numbers for tokens appeared first on We Live Security.
Google Releases Nogotofail Tool to Test Network Security
The last year has produced a rogues’ gallery of vulnerabilities in transport layer security implementations and new attacks on the key protocols, from Heartbleed to the Apple gotofail flaw to the recent POODLE attack. To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing a […]
Avast 2015 new feature: Home Network Security scanning
Nowadays, security is team work: Software and hardware should work together to achieve the most complete protection possible.
Complete protection is why the developers at Avast Software decided to include a security feature called Home Network Security (HNS) in the new Avast 2015. HNS is all about scanning your router for vulnerabilities and identifying potential security problems that open the door to threats. Routers are the weakest security point in many home and small business networks these days, so this is a very valid and needed feature.
Here comes the problem. There are zillions of different routers available around the world, but the majority of users just acquire one “that works and is not so expensiveâ or they get whatever their ISP gives them.  That means the security is already compromised. HNS has been conceived to solve these major threats:
- 1. Your wireless network is not secure due to lack of encryption. Thus, anybody in range, like your neighbor, can connect to your Wi-Fi to use the bandwidth and access your other devices (printer, network disk, etc.).
- 2. Your network router is accessible from the internet, so hackers can access the router and modify your network settings, even disabling the internet connection or stealing your personal data.
- 3. Your router is vulnerable to hacker attacks, i.e., hackers can easily read your router settings, get access to the router, and modify it. Your personal data might be in risk.
- 4. Your internet connection is compromised and your router could be hijacked. Your router is already hacked (i.e., some well-known sites are re-directed to fake IPs).
- 5. Devices on your network are accessible from internet. This happens when Internet Protocol version 6 (IPv6 )Â is enabled on the router and the devices get IPv6 addresses that are not firewalled. The problem is not primarily in the protocol, but in the router, which is not able to secure the devices with these addresses
Avast can help you protect your home network
With Home Network Security  on all  Avast security products, we can translate this into security protection for you. This 7-part series published on the Avast blog this month will show you what to do to enhance your network security and how Avast can guide you through the task.
Before we continue, know that there are a lot of free guides available from the major router manufacturers that provide step-by-step information. Take a look, for instance, here. Look for your model and read a bit. Remember, all you learn will work toward protecting your network. You can also download and install a router detector that could help you in this job.
Avast Softwareâs security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on Facebook, Twitter and Google+.