Apache ActiveMQ 5.10.1 Denial Of Service

It is possible to shut down an ActiveMQ broker remotely without authentication. The offending network packet is sent to the same port that a message consumer or producer would connect to, so the attack is possible whenever that port is exposed. Apache ActiveMQ versions 5.0.0 through 5.10.1 are affected.

[Onapsis Security Advisory 2015-042] SAP HANA EXECUTE_SEARCH_RULE_SET Stored Procedure Memory corruption

Posted by Onapsis Research Team on Nov 09

Onapsis Security Advisory 2015-042: SAP HANA EXECUTE_SEARCH_RULE_SET
Stored Procedure Memory corruption

1. Impact on Business
=====================

By exploiting this vulnerability, a remote authenticated attacker could
render the SAP HANA Platform unavailable to other users until the next
process restart.

Risk Level: High

2. Advisory Information
=======================

– Public Release Date: 11/09/2015
– Last Revised: 11/06/2015
– Security…

[Onapsis Security Advisory 2015-043] SAP HANA Remote Code Execution (HTTP Login based)

Posted by Onapsis Research Team on Nov 09

Onapsis Security Advisory 2015-043: SAP HANA Remote Code Execution (HTTP
Login based)

1. Impact on Business
=====================

By exploiting this vulnerability, an unauthenticated attacker could
completely compromise the system, and would be able to access and manage
any business-relevant information or processes.

Risk Level: Critical

2. Advisory Information
=======================

– Public Release Date: 11/09/2015
– Last Revised:…

[Onapsis Security Advisory 2015-044] SAP HANA Remote Code Execution (SQL Login based)

Posted by Onapsis Research Team on Nov 09

Onapsis Security Advisory 2015-044: SAP HANA Remote Code Execution (SQL
Login based)

1. Impact on Business
=====================

By exploiting this vulnerability, an unauthenticated attacker could
completely compromise the system, and would be able to access and manage
any business-relevant information or processes.

Risk Level: Critical

2. Advisory Information
=======================

– Public Release Date: 11/09/2015
– Last Revised:…

[Onapsis Security Advisory 2015-024-040] SAP HANA TrexNet Vulnerabilities

Posted by Onapsis Research Team on Nov 09

Onapsis Security Advisory 2015-024-040: SAP HANA TrexNet Vulnerabilities

1. Impact on Business
=====================

By exploiting these vulnerabilities, an unauthenticated attacker could
execute arbitrary operating system commands, gaining full control of the
HANA platform; read, write and delete sensitive business information or
perform a denial of service by completely shutting down the SAP HANA
instance.

Risk Level: Critical

2. Advisory…