SAP DB Web Server Buffer Overflow Vulnerability - Advisories - Secunia


A stack buffer overflow vulnerability reportedly exists in the web server feature of SAP DB, allowing arbitrary code to be executed.

The vulnerability is caused due to a boundary error within waHTTP.exe and can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request to default port 9999/TCP.
Successful exploitation allows execution of arbitrary code, but requires that SAP DB is installed to run on its own web server.