{"uuid": "2ccbbfa1-324c-4cac-a87d-79351a9b9aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-2820", "type": "seen", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3890", "content": "CVE-2015-2819 Sybase SQL vah_13 (ERPScan)   CVE-2015-2820 SAP Afaria vah_13 (ERPScan)   CVE-2015-7091 Apple QuickTime Pedro Ribeiro (pedrib@gmail.com)   CVE-2015-8330 SAP PCo agent Mathieu GELI (ERPScan)   CVE-2016-1928 SAP HANA hdbxsengine Mathieu Geli (ERPScan)   CVE-2016-3979 SAP NetWeaver @ret5et (ERPScan)   CVE-2016-3980 SAP NetWeaver @ret5et (ERPScan)   CVE-2016-4015 SAP NetWeaver @vah_13 (ERPScan)   CVE-2016-4015 SAP NetWeaver @vah_13 (ERPScan)   CVE-2016-9562 SAP NetWeaver @vah_13 (ERPScan)   CVE-2017-5371 SAP ASE OData @vah_13 (ERPScan)   CVE-2017-9843 SAP NETWEAVER @vah_13 (ERPScan)   CVE-2017-9845 SAP NETWEAVER @vah_13 (ERPScan)   CVE-2018-0101 (https://www.nccgroup.trust/globalassets/newsroom/uk/events/offensivecon2018-the-return-of-robin-hood-vs-cisco-asa.pdf) Cisco ASA WebVPN/AnyConnect @saidelike (NCC Group)    We would like to thank the Chromium project and Mozilla for analyzing, fixing and reporting further many of the above mentioned issues, CERT-FI for feedback and disclosure handling, and other users, projects and vendors who have responsibly taken care of uncovered bugs. Thanks The following people have contributed to the development of radamsa in code, ideas, issues or otherwise.  Darkkey Branden Archer  Troubleshooting Issues in Radamsa can be reported to the issue tracker. The tool is under development, but we are glad to get error reports even for known issues to make sure they are not forgotten. You can also drop by at #radamsa on Freenode if you have questions or feedback. Issues your programs should be fixed. If Radamsa finds them quickly (say, in an hour or a day) chances are that others will too. Issues in other programs written by others should be dealt with responsibly. Even fairly simple errors can turn out to be exploitable, especially in programs written in low-level languages. In case you find something potentially severe, like an easily reproducible crash, and are unsure what to do with it, ask the vendor or project members, or your local CERT. FAQ Q: If I find a bug with radamsa, do I have to mention the tool?\n A: No. Q: Will you make a graphical version of radamsa?\nA: No. The intention is to keep it simple and scriptable for use in automated (https://www.kitploit.com/search/label/Automated) regression tests and continuous testing. Q: I can't install! I don't have root access on the machine!\n A: You can omit the $ make install part and just run radamsa from bin/radamsa in the build directory, or copy it somewhere else and use from there. Q: Radamsa takes several GB of memory to compile!1\n A: This is most likely due to an issue with your C compiler. Use prebuilt images or try the quick build instructions in this page. Q: Radamsa does not compile using the instructions in this page!\n A: Please file an issue at https://gitlab.com/akihe/radamsa/issues/new if you don't see a similar one already filed, send email (aohelin@gmail.com) or IRC (#radamsa on freenode). Q: I used fuzzer X and found much more bugs from program Y than Radamsa did.\n A: Cool. Let me know about it (aohelin@gmail.com) and I'll try to hack something X-ish to radamsa if it's general purpose enough. It'd also be useful to get some samples which you used to check how well radamsa does, because it might be overfitting some heuristic. Q: Can I get support for using radamsa?\n A: You can send email to aohelin@gmail.com or check if some of us happen to be hanging around at #radamsa on freenode. Q: Can I use radamsa on Windows?\n A: An experimental Windows executable is now in Downloads, but we have usually not tested it properly since we rarely use Windows internally. Feel free to file an issue if something is broken. Q: How can I install radamsa?\n A: Grab a binary from downloads and run it, or $ make && sudo make install. Q: How can I uninstall radamsa?\n A: Remove the binary you grabbed from downloads, or $ sudo make uninstall. Q: Why are many outputs generated by Radamsa equal?", "creation_timestamp": "2024-03-26T12:31:51.000000Z"}