Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SAP Internet Communication Framework (BC-MID-ICF) Vulnerability

from [Ivan Buetler] Network Security [Permanent Link]
Subject: SAP Internet Communication Framework (BC-MID-ICF) Vulnerability
Date: Wed, 27 Jun 2007 09:03:39 +0200 
#############################################################
#
# COMPASS SECURITY ADVISORY http://www.csnc.ch/ 
# 
#############################################################
#
# Product: Internet Communication Framework (BC-MID-ICF) 
# Vendor:  SAP 
# Subject: Multiple XSS, HTML Injection
# Risk:    High
# Effect:  Remotely exploitable
# Author:  Cyrill Brunschwiler (cyrill.brunschwiler@csnc.ch)
# Date:    June, 17th 2007
#
#############################################################

Introduction:
-------------
Compass Security discovered multiple web application security flaws in
the SAP Internet Communication Framework (BC-MID-ICF).

Vulnerable:
-----------
SAP Basis component 640 SP19 and lower
SAP Basis component 700 SP11 and lower

Not vulnerable:
---------------
Customers which registered a customized login error page for SIFC
transactions (e.g. for default_host) may not suffer this vulnerability. 

SAP Basis component 640 SP20
SAP Basis component 700 SP12


Vulnerability Management:
-------------------------
October 2006: Vulnerability found
October 2006: SAP Security notified
November 2007: SAP confirmation
April/May 2007: Patches available
June 2007: Compass Security Information


SAP Information Policy:
-------------------------
The information is available to registered SAP clients only (SAP
Security Notes)


Patches:
--------
Available at SAP (See SAP Note No. 1022102).

Description
-----------
The default login error page reflects unfiltered user input for multiple
fields. Exploting the vulnerability will lead to so-called cross-site
scripting (XSS).

XSS Ref: http://en.wikipedia.org/wiki/Cross-site_scripting

Cross-site scripting (XSS) is a type of computer security vulnerability
typically found in web applications which allow code injection by
malicious web users into the web pages viewed by other users. Examples
of such code include HTML code and client-side scripts. An exploited
cross-site scripting vulnerability can be used by attackers to bypass
access controls such as the same origin policy. Recently,
vulnerabilities of this kind have been exploited to craft powerful
phishing attacks and browser exploits. Cross-site scripting was
originally referred to as CSS, although this usage has been largely
discontinued.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • SAP Internet Communication Framework (BC-MID-ICF) Vulnerability, Ivan Buetler <=
Previous by Date:  PHP 4/5 htaccess safemode and open_basedir Bypass, cxib
Next by Date:  Openedge _mprosrv buffer overflow, suresync
Previous by Thread:  PHP 4/5 htaccess safemode and open_basedir Bypass, cxib
Next by Thread:  Openedge _mprosrv buffer overflow, suresync
Indexes:  [Date] [Thread] [Top] [All Lists]