SAP.Message.Server.Group.Parameter.Remote.Buffer.Overflow
Description
This indicates an attempt to exploit a heap overflow vulnerability in SAP message server.
The vulnerability is caused by an input validation error that occurs in "/msgserver/html/group" while handling the group parameter. It allows remote attackers to execute arbitrary code via a a long string in the group parameter.
Affected Products
SAP Message Server
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the following web site:
ftp://ftp.sap.com/pub
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |