Vulnerabilities > CVE-2011-1517 - Unspecified vulnerability in SAP Netweaver 7.0

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
sap
critical

Summary

SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.

Vulnerable Configurations

Part Description Count
Application
Sap
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/112538/CORE-2012-0123.txt
idPACKETSTORM:112538
last seen2016-12-05
published2012-05-08
reporterCore Security Technologies
sourcehttps://packetstormsecurity.com/files/112538/SAP-Netweaver-7.0-EHP1-EHP2-Buffer-Overflows.html
titleSAP Netweaver 7.0 EHP1/EHP2 Buffer Overflows

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:72871
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-72871
    titleSAP Netweaver Dispatcher Multiple Vulnerabilities
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:74568
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-74568
    titlesap netweaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities