Feeds

Firms warned over SAP flaw

Action stations

  • alert
  • submit to reddit

Intelligent flash storage arrays

Organisations running the popular SAP R/3 enterprise software package risk exposing sensitive information because of a new security vulnerability, a UK government UNIRAS alert warns.

The UK's National Infrastructure Security Coordination Centre (NISCC) said the vulnerability stems from an input validation error with the SAP Internet Graphics Server sub-component of SAP R/3. The flaw creates a mechanism for hackers to launch directory traversal attacks.

NISCC rates the vulnerability, discovered by UK net security consultancy Corsaire, as high risk. Users are urged to update to version 6.40 Patch 11 or later. ®

Related stories

Countdown to SAP R/3 upgrade deadline
Oracle taken to task for time to fix vulnerabilities
Can Sun turn SOA rhetoric into weapon against IBM and SAP?
Microsoft and SAP deepen alliance

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.