Critical hole in SAP database MaxDB
A critical security hole in the SAP DB and MaxDB databases allows attackers to gain control over the service. MaxDB is the open source database for SAP systems like mySAP Business Suite and others. Its continued development has been handled by Mysql AB, and it has been certified by SAP. The flaw is located in the web management portion of the database's WebDBM, Symantec reports. Specially prepared HTTP requests with overlong database names can be used to plant code by provoking a buffer overflow, and then execute that code with the web server's rights (wahttp). No prior authentication is needed for this.
The flaw was found in MaxDB version 7.6.00.22, although previous versions are potentially also affected. The manufacturer has removed the hole in MaxDB 7.6.00.31. No update is available for SAP-DB, which is no longer under continued development, Symantec reports. The company recommends turning off the web service as a workaround.
- SAP-DB/MaxDB WebDBM remote buffer overflow, Advisory from Symantec
(ehe)