Shodan
Vulnerabilities
Vulnerable Software
Sap:  Security Vulnerabilities
CVE-2002-1579
SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-04-15
CVE-2003-1033
The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program.
CVSS Score
7.2
EPSS Score
0.0
Published
2004-04-15
CVE-2003-1034
The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-04-15
CVE-2003-1035
The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
CVSS Score
7.5
EPSS Score
0.004
Published
2004-04-15
CVE-2003-1036
Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header.
CVSS Score
7.5
EPSS Score
0.031
Published
2004-04-15
CVE-2003-1037
Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows remote attackers to execute arbitrary code via a high "trace level."
CVSS Score
7.5
EPSS Score
0.019
Published
2004-04-15
CVE-2003-1038
The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames.
CVSS Score
5.0
EPSS Score
0.005
Published
2004-04-15
CVE-2003-1039
Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server.
CVSS Score
7.5
EPSS Score
0.035
Published
2004-04-15
CVE-2003-0938
vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.
CVSS Score
7.2
EPSS Score
0.0
Published
2003-12-15
CVE-2003-0939
eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow.
CVSS Score
7.5
EPSS Score
0.046
Published
2003-12-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved