SAP RFC Library Trusted_System_Security Function Information Disclosure Vulnerability
BID:23305
Info
SAP RFC Library Trusted_System_Security Function Information Disclosure Vulnerability
| Bugtraq ID: | 23305 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 04 2007 12:00AM |
| Updated: | Apr 05 2007 07:32PM |
| Credit: | Victor Montero and Gustavo Kunst are credited with the discovery of this issue. |
| Vulnerable: |
SAP RFC Library 7.00 SAP RFC Library 6.40 |
| Not Vulnerable: | |
Discussion
SAP RFC Library Trusted_System_Security Function Information Disclosure Vulnerability
SAP RFC Library is prone to an information-disclosure vulnerability.
Few details regarding this issue are currently available. This BID will be updated as more information emerges.
An attacker can exploit this issue to access sensitive informaiton.
SAP RFC Library is prone to an information-disclosure vulnerability.
Few details regarding this issue are currently available. This BID will be updated as more information emerges.
An attacker can exploit this issue to access sensitive informaiton.
Exploit / POC
SAP RFC Library Trusted_System_Security Function Information Disclosure Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
SAP RFC Library Trusted_System_Security Function Information Disclosure Vulnerability
Solution:
The vendor has released fixes to address this issue. Please contact the vendor for information on how to obtain and apply these fixes.
Solution:
The vendor has released fixes to address this issue. Please contact the vendor for information on how to obtain and apply these fixes.
References
SAP RFC Library Trusted_System_Security Function Information Disclosure Vulnerability
References:
References:
- SAP Homepage (SAP)
- SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure (Cybsec S.A.)