Vulnwatch mailing list archives
SAP Internet Graphics Server XSS and Heap Overflow
From: NGSSoftware Insight Security Research <mark () ngssoftware com>
Date: Thu, 05 Jul 2007 16:45:33 +0100
======= Summary ======= Name: SAP Internet Graphics Server XSS and Heap Overflow Release Date: 5 July 2007 Reference: NGS00487 Discover: Mark Litchfield <mark () ngssoftware com> Vendor: SAP Vendor Reference: SECRES-288 Systems Affected: Risk: Medium Status: Fixed ======== TimeLine ======== Discovered: 4 January 2007 Released: 19 January 2007 Approved: 27 January 2007 Reported: 8 January 2007 Fixed: 18 January 2007 Published: =========== Description =========== The SAP IGS overflow had previously been reported. The fix went out on the 18th Jan. Despite being reported on the 8th Jan, NGS did not receive any credit. The advisory that was posted by the other security researcher can be found at - http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Buffer_Overflow.pdf. See attached note The XSS issue however is still being treated by SAP as a vulnerability. ================= Technical Details ================= http://10.1.1.30:40180/ADM:GETLOGFILE?PARAMS=<script>alert("hello")</script> =============== Fix Information =============== Please ensure you have the latest version NGSSoftware Insight Security Research http://www.ngssoftware.com/ http://www.databasesecurity.com/ http://www.nextgenss.com/+44(0)208 401 0070
Current thread:
- SAP Internet Graphics Server XSS and Heap Overflow NGSSoftware Insight Security Research (Jul 05)