SAP NetWeaver BAPI SMB Relay Arbitrary File Disclosure Vulnerability
BID:58487
Info
| Bugtraq ID: | 58487 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 20 2013 12:00AM |
| Updated: | Feb 20 2013 12:00AM |
| Credit: | Nikolay Mescherin (ERPScan) |
| Vulnerable: | SAP NetWeaver 7.30 |
| Not Vulnerable: | |
Discussion
SAP NetWeaver is prone to an arbitrary file-disclosure vulnerability because it fails to properly sanitize user-supplied input before that input is used to read files.
Remote attackers can exploit this issue to disclose arbitrary files in the context of the application. This may aid in further attacks.
SAP NetWeaver 7.30 is vulnerable; other versions may also be affected.
Exploit / POC
Attackers can exploit this issue with a browser.
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
References:
- [DSECRG-13-005] SAP NetWeaver BAPI - SMB Relay vulnerability (ERPScan)
- SAP Homepage (SAP)
- SAP Note 1446476 (SAP)