SAP upgrades foil buffer overflow flaws | The Register

Skip to content

Software:

News Tools

Reg Shops

Top Stories

Read more top stories

Related Whitepapers

Enabling the Data Center Metamorphosis
From Fixed To Fluid
Solution Brief: Reduce Energy Costs
With Green IT Solutions
Server Consolidation and Containment
With Virtual Infrastructure
Gartner Paper: US Data Centers
The Calm Before the Storm
The Perfect (Virtual) Marriage
Deduplication and VMware
Making Green IT a Reality
Customer Perspectives on the Impact of Storage Vendor Decisions on Power, Cooling, & Space in Enterprise Data Centers

The Register » Software »

SAP upgrades foil buffer overflow flaws

Nick of time

By John Leyden → More by this author

Published Monday 9th July 2007 11:33 GMT

How IT Management Can "Green" the Data Center - Free Download

Security researchers have discovered a slew of vulnerabilities in enterprise software packages from SAP that create a means for hackers inject malware onto or crash vulnerable systems.

The vulnerabilities involve two ActiveX controls buffer overflow in EnjoySAP GUI and separate buffer overflow flaws in SAP's Message Server and SAP DB Web Server. Another bug leads to denial of service risks for firm's running SAP Web Application Server.

Fortunately all four sets of flaws, each discovered by Mark Litchfield of NGSSoftware, can be addressed by updating to the latest versions of SAP's software. ®

Save money taking your comms online - Free live event - Register now

3 comments posted — Comment period finished

Shiny software

Posted: 12:26 9th July 2007

shouldn't that be

Posted: 14:13 9th July 2007

The Computer is the Network and IT is always Growing ..... Citius, Altius, Fortius.

Posted: 16:08 9th July 2007

Track this type of story as a custom Atom/RSS feed or by email.

Related stories

SAP sings 'Only You' to Yasu (17 October 2007)
SAP confesses to 'inappropriate' Oracle downloads (3 July 2007)
SAP expands mobile reach (20 June 2007)
SAP plays tease over mid-market Salesforce 'killer' (8 June 2007)
Unpatched enterprise security bugs proliferate (24 August 2006)
Oracle in war of words with security researcher (26 January 2006)
Sybase invokes licence gag in flaw disclosure row (5 April 2005)

Post to Slashdot

Add to del.icio.us

Previous Article

From small embedded OS to the world's most used open mobile OS

whitepaper title

Enabling the Data Center Metamorphosis

This independent analyst paper gives real world advice on transforming your datacenter into a streamlined, dynamic, liquid engine capable of handling growth..

whitepaper title

Solution Brief: Reduce Energy Costs

Energy consumption has become a big issue. Dramatically increase server utilization and significantly reduce energy costs through Virtualization..

Whitepapers
BSM, IT and Business Facilitation Redefining FOTA deployment in EMEA Maximise the value of your line-of-business mobile solution Life online: The Web in 2020

Developer Headlines

The UK's latest developer news from MSDN

All of today's stories

How IT Management Can "Green" the Data Center

A Gartner Report

Download for free NOW

Top 20 stories • All The Week’s Headlines • Archive • Search