In association with heise online

11 March 2008, 10:43

Critical vulnerability in SAP's MaxDB database

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

SAP's MaxDB contains vulnerabilities that can be exploited remotely to execute malicious code. Local users can also escalate their system privileges. Updates have been provided to remedy the flaws.

Security service provider iDefense has discovered a flaw in the vserver component that receives incoming connections at TCP port 7210. vserver handles communication between the server and clients. The program does not check the values that clients transmit. Attackers can therefore overwrite the heap with manipulated queries and execute injected code.

iDefense has also found a vulnerability in the sdbstarter component of MaxDB. It contains set-uid root and can be launched by all users in the sdba group. It processes environment variables with settings for components in the database. By manipulating these variables, local users can launch their own program code with root privileges.

iDefense discovered the first flaw in version 7.6.0.37 under Linux. The second also affects version 7.6.0.37, but under Linux and Solaris. iDefense expects that previous versions are also vulnerable. SAP has released version 7.6.03.15 of the database to remedy the flaws. Administrators of MaxDB servers are advised to update their system as quickly as possible. Access to TCP port 7210 should also be restricted to trustworthy computers by means of a firewall.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-734493
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit