sap sap web application server 6.40 vulnerabilities and exploits

(subscribe to this query)

Unspecified vulnerability in enserver.exe in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote malicious users to read arbitrary files via crafted data on a "3200+SYSNR" TCP port, as demonstrated by port 3201. NOTE: this issue can b...

Sap Sap Web Application Server 6.40 Sap Sap Web Application Server 7.00

1 EDB exploit

Unspecified vulnerability in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote malicious users to cause a denial of service (enserver.exe crash) via a 0x72F2 sequence on UDP port 64999.

Sap Sap Web Application Server 7.00 Sap Sap Web Application Server 6.40

SAP Web Application Server (WebAS) Kernel prior to 7.0 allows remote malicious users to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers.

Sap Sap Web Application Server 6.20 Sap Sap Web Application Server 6.40 Sap Sap Web Application Server 6.10

1 EDB exploit

HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allows remote malicious users to inject arbitrary HTML headers via the sap-exiturl parameter.

Sap Sap Web Application Server 6.10 Sap Sap Web Application Server 6.20 Sap Sap Web Application Server 6.40 Sap Sap Web Application Server 7.0

frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allows remote malicious users to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.

Sap Sap Web Application Server 6.40 Sap Sap Web Application Server 7.0 Sap Sap Web Application Server 6.10 Sap Sap Web Application Server 6.20

1 EDB exploit

Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allow remote malicious users to inject arbitrary web script or HTML via (1) the sap-syscmd in sap-syscmd and (2) the BspApplication field in the SYSTEM PUBLIC tes...

Sap Sap Web Application Server 6.10 Sap Sap Web Application Server 7.0 Sap Sap Web Application Server 6.20 Sap Sap Web Application Server 6.40

1 EDB exploit

Unspecified vulnerability in SAP Web Application Server prior to 6.40 patch 6 allows remote malicious users to cause a denial of service (enserver.exe crash) via a certain UDP packet to port 64999, aka "two bytes UDP crash," a different vulnerability than CVE-2006-5785.

Sap Sap Web Application Server 6.40

SAP NetWeaver Application Server Java Web Container, ENGINEAPI (prior to 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (prior to 6.40, 7.0, 7.01), allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour...

Sap Netweaver Application Server Java 7.30 Sap Netweaver Application Server Java 7.31 Sap Netweaver Application Server Java 7.40 Sap Netweaver Application Server Java 7.50 Sap Netweaver Application Server Java 7.10 Sap Netweaver Application Server Java 7.20

Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote malicious users to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related...

Sap Internet Communication Manager Sap Sap Web Application Server 6.10 Sap Sap Web Application Server 6.20 Sap Sap Web Application Server 6.40 Sap Sap Web Application Server 7.0 Sap Sap Web Application Server 7.0.10

Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote malicious users to cause a denial of service (Management Console shutdown) via a crafted r...

Sap Sap Kernel 7.00 Sap Sap Kernel 7.01 Sap Sap Kernel 7.10 Sap Sap Kernel 7.11 Sap Sap Kernel 6.40 Sap Sap Kernel 7.20

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook