Vulnerability Details CVE-2009-4603
Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. NOTE: some of these details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/37684
- http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf
- http://www.securityfocus.com/bid/37286
- http://www.securitytracker.com/id?1023319
- https://service.sap.com/sap/support/notes/1302231
- http://secunia.com/advisories/37684
- http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf
- http://www.securityfocus.com/bid/37286
- http://www.securitytracker.com/id?1023319
- https://service.sap.com/sap/support/notes/1302231
Products affected by CVE-2009-4603
-
cpe:2.3:a:sap:sap_kernel:6.40
-
cpe:2.3:a:sap:sap_kernel:7.00
-
cpe:2.3:a:sap:sap_kernel:7.01
-
cpe:2.3:a:sap:sap_kernel:7.10
-
cpe:2.3:a:sap:sap_kernel:7.11
-
cpe:2.3:a:sap:sap_kernel:7.20
-
cpe:2.3:a:sap:sap_netweaver:7.0
-
cpe:2.3:a:sap:sap_web_application_server:6.0