SAP upgrades foil buffer overflow flaws
Nick of time
Posted in Software, 9th July 2007 11:33 GMT
Free whitepaper – Service level monitoring and management
Security researchers have discovered a slew of vulnerabilities in enterprise software packages from SAP that create a means for hackers inject malware onto or crash vulnerable systems.
The vulnerabilities involve two ActiveX controls buffer overflow in EnjoySAP GUI and separate buffer overflow flaws in SAP's Message Server and SAP DB Web Server. Another bug leads to denial of service risks for firm's running SAP Web Application Server.
Fortunately all four sets of flaws, each discovered by Mark Litchfield of NGSSoftware, can be addressed by updating to the latest versions of SAP's software. ®

10 Strategies for Choosing a Midmarket ERP Solution
Enabling the Agile Data Center
Checklist: Midmarket ERP Solutions
Office 2010 fights Google with SharePoint bloat
Ubuntu's Karmic Koala bares fangs at Windows 7
Change your views: OS X tags exploited
Microsoft 'Dallas' muscles Google data crusade