Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC

from [Leandro Meiners] Network Security [Permanent Link]
Subject: CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC
Date: Wed, 15 Feb 2006 10:32:11 -0300 
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Phishing_Vector_in_SAP_BC.pdf
 )

CYBSEC S.A.
www.cybsec.com

Pre-Advisory Name: Phishing Vector in SAP BC (Business Connector)

Vulnerability Class: Phishing Vector / Improper Input Validation

Release Date: 02/15/2006

Affected Applications:  
* SAP BC Core Fix 7 (and below)

Affected Platforms: Platform-Independent

Local / Remote: Remote

Severity: Low

Author:  Leandro Meiners.

Vendor Status: Confirmed, patch released.

Reference to Vulnerability Disclosure Policy: 
http://www.cybsec.com/vulnerability_policy.pdf

Product Overview:
=================

SAP Business Connector (SAP BC) is a middleware application based on B2B
integration server from webMethods. It enables communication between SAP
applications and SAP R/3 and non-SAP applications, by making all SAP
functions accessible to business partners over the Internet as an
XML-based service.
The SAP Business Connector uses the Internet as a communication platform
and XML or HTML as the data format. It integrates non-SAP products by
using an open, non-proprietary technology.
 
Vulnerability Description:
==========================

SAP BC was found to provide a vector to allow Phishing scams against the
SAP BC administrator.

Technical Details:
==================

Technical details will be released three months after publication of
this pre-advisory. This was agreed upon with SAP to allow their clients
to upgrade affected software prior to the technical knowledge been
publicly available. 

Impact:
=======

This can be used to mount a Phishing scam by sending a link, that if
clicked by the administrator (while logged in, or logs in after
clicking) will load the attacker's site webpage inside an HTML frame.

Solutions:
==========

SAP released a patch regarding this issue, which requires Server Core
Fix 7. Details can be found in SAP note 908349.

Vendor Response:
================

* 12/06/2005: Initial Vendor Contact.
* 12/07/2005: Technical details for the vulnerabilities sent to vendor.
* 12/19/2005: Solutions provided by vendor.
* 02/15/2006: Coordinate release of pre-advisory without technical
details.
* 05/15/2006: Coordinate release of advisory with technical details.

Contact Information:
====================

For more information regarding the vulnerability feel free to contact
the author at lmeiners<at>cybsec.com. Please bear in mind that technical
details will be disclosed three months after the release of this
pre-advisory, so such questions won't be answered until then. 

For more information regarding CYBSEC: www.cybsec.com


----------------------------
Leandro Meiners
CYBSEC S.A. Security Systems
E-mail: lmeiners@cybsec.com
Tel/Fax: [54-11] 4382-1600
Web: http://www.cybsec.com
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?search=lmeiners&op=index

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC, Leandro Meiners <=
Previous by Date:  Vulnerabilites in new laws on computer hacking, self-destruction
Next by Date:  Re: Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4)., sudd3n_death
Previous by Thread:  Vulnerabilites in new laws on computer hacking, self-destruction
Next by Thread:  Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution, info
Indexes:  [Date] [Thread] [Top] [All Lists]