Vulnerabilities > CVE-2011-1517 - Unspecified vulnerability in SAP Netweaver 7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/112538/CORE-2012-0123.txt |
id | PACKETSTORM:112538 |
last seen | 2016-12-05 |
published | 2012-05-08 |
reporter | Core Security Technologies |
source | https://packetstormsecurity.com/files/112538/SAP-Netweaver-7.0-EHP1-EHP2-Buffer-Overflows.html |
title | SAP Netweaver 7.0 EHP1/EHP2 Buffer Overflows |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:72871 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-72871 title SAP Netweaver Dispatcher Multiple Vulnerabilities bulletinFamily exploit description No description provided by source. id SSV:74568 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-74568 title sap netweaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
References
- http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html
- http://www.securityfocus.com/bid/53424
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75452
- http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75452
- http://www.securityfocus.com/bid/53424