Core Security Technologies Advisory - Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN (being NN the SAP system number) of a host running the 'Message Server' service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.
287b3598e1016bac4e6bbe89252ab94d7ee5e39ea5592c228fff16f1c08ce946
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed