Published: 07/11/2006 Updated: 17/10/2018

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 465

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Unspecified vulnerability in enserver.exe in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote malicious users to read arbitrary files via crafted data on a "3200+SYSNR" TCP port, as demonstrated by port 3201. NOTE: this issue can be leveraged by local users to access a named pipe as the SAPServiceJ2E user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap sap web application server 6.40
sap sap web application server 7.00

#!/usr/bin/perl -w ## ## SAP 'enserverexe' file downloader ## Tested on "SAP Web Application Server Java 640" (eval DVD) ## Found & coded by Nicob ## ## The downloaded file is limited to the first 32 kilobytes ## Usual port : TCP/3200+SYSNR ## Exemple : /r3-stealer-10pl 192168222 3201 "c:\\bootini" ## ## From MSDN (Win2K pre-SP4, WinX ...

NVD-CWE-noinfo http://www.securityfocus.com/bid/20877 http://secunia.com/advisories/22677 http://www.securitytracker.com/id?1017628 http://securityreason.com/securityalert/1828 http://www.vupen.com/english/advisories/2006/4318 https://exchange.xforce.ibmcloud.com/vulnerabilities/29982 https://www.exploit-db.com/exploits/3291 http://www.securityfocus.com/archive/1/459499/100/0/threaded http://www.securityfocus.com/archive/1/450394/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/3291/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-5784

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect