Vulnerabilities > CVE-2016-5845 - Local Privilege Escalation and Denial of Service vulnerability in SAP Sapcar
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905. <a href="http://cwe.mitre.org/data/definitions/252.html">CWE-252: Unchecked Return Value</a>
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | SAP SAPCAR - Multiple Vulnerabilities. CVE-2016-5845,CVE-2016-5847. Dos exploit for Linux platform |
| file | exploits/linux/dos/40230.txt |
| id | EDB-ID:40230 |
| last seen | 2016-08-10 |
| modified | 2016-08-10 |
| platform | linux |
| port | |
| published | 2016-08-10 |
| reporter | Core Security |
| title | SAP SAPCAR - Multiple Vulnerabilities |
| type | dos |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/138284/CORE-2016-0006.txt |
| id | PACKETSTORM:138284 |
| last seen | 2016-12-05 |
| published | 2016-08-11 |
| reporter | Core Security Technologies |
| source | https://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html |
| title | SAP CAR Archive Tool Denial Of Service / Security Bypass |
References
- http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html
- http://seclists.org/fulldisclosure/2016/Aug/46
- http://www.securityfocus.com/archive/1/539180/100/0/threaded
- http://www.securityfocus.com/bid/92406
- https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities
- https://www.exploit-db.com/exploits/40230/
- https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016