Vulnerabilities > CVE-2003-1038 - Unspecified vulnerability in SAP Internet Transaction Server 6.20

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sap

NVD

Published: 2004-04-15

Updated: 2024-11-20

Summary

The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Internet Transaction Server 6.20 SAP Internet Transaction Server *	2

References

http://www.phenoelit.de/stuff/Phenoelit20c3.pd
http://www.phenoelit.de/stuff/Phenoelit20c3.pd
https://exchange.xforce.ibmcloud.com/vulnerabilities/15516
https://exchange.xforce.ibmcloud.com/vulnerabilities/15516