SecurityTracker.com
Category:   Application (Generic)  >   SAP GUI
Vendors:   SAP
SAP sapstartsrv Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1023319
SecurityTracker URL:  http://securitytracker.com/id/1023319
CVE Reference:   CVE-2009-4603
Updated:  Jan 14 2010
Original Entry Date:  Dec 10 2009
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20
Description:   A vulnerability was reported in SAP sapstartsrv. A remote user can cause denial of service conditions.

A remote user can send specially crafted data to the target Web SAP Management Console interface (sapstartsrv) to cause the target service to crash.

All SAP products that use the sapstartsrv service are affected.

The vendor was notified on February 2, 2009.

CYBSEC reported this vulnerability.

Impact:   A remote user can cause the target service to crash.
Solution:   The vendor has issued a fix (see SAP Note 1302231).
Vendor URL:  www.sap.com/
Cause:   Not specified
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


Source Message Contents

Date:  Thu, 10 Dec 2009 11:06:04 -0500
Subject:  [Full-disclosure] SAP sapstartsrv Denial of Service


Advisory Name: SAP sapstartsrv Denial of Service
=============

Vulnerability Class: Denial of Service
====================

Release Date: 12-10-2009
=============

Affected Applications: SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11 and 7.20.
Other versions may also be affected.
=====================

Affected Platforms: All SAP platforms running sapstartsrv
===================

Local / Remote: Remote
===============

Severity: Medium
=========

Researcher: CYBSEC-Labs Team
===========

Vendor Status: Confirmed. Update Released
=============

Reference to Vulnerability Disclosure Policy:
http://www.cybsec.com/vulnerability_policy.pdf
============================================

Researcher's site Post:
http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf
=========================

Vulnerability Description:
==========================
In SAP instances, the sapstartsrv service provides a Web SAP Management
Console interface for remote administration. Due to a failure in the
processing of specially crafted requests, it is possible to remotely
shut down the associated process.

Proof of Concept:
=================
A PoC was developed and was provided to the vendor for analysis.

Impact:
=======
Exploitation of this vulnerability would allow a remote attacker to deny
access to the SAP Management Console, interfering with the administrators'
operation.

Solution:
=========
SAP has released patches to address this vulnerability. Affected customers
should apply the patches immediately. More information can be found on SAP
Note 1302231.

Vendor Response:
================
2009-02-02: CYBSEC contacted Vendor.
2009-02-12: Vendor confirmed Vulnerability.
2009-02-13: Vendor Releases Patches.
2009-12-10: Advisory Public Disclosure.

Contact Information:
====================
For more information regarding the vulnerability feel free to contact the
CYBSEC Labs Team (cybseclabs <at> cybsec <dot> com), who will provide any
further information that may be required.

About CYBSEC S.A. Security Systems

CYBSEC is a leading Information Security company with more than 13 years
of expertise. More than 350 clients in Latin America, Europe and USA
guarantee our commitment.

Our Professional Services include SAP Security, Secure Configuration, Web
Application Security, Security Audit (SOX, PCI and ISO 27001) and
Penetration Testing.

Beyond professional services, CYBSEC is continuously researching new
defense and attack techniques and contributing to the security community
with high-quality information exchange.

For more information regarding CYBSEC, please visit www.cybsec.com
(c) 2009 - CYBSEC



Copyright 2014, SecurityGlobal.net LLC