Details of VAR-E-201001-1551

ID

VAR-E-201001-1551

TITLE

SAP MaxDB Unspecified Information Disclosure and Denial of Service Vulnerabilities

Trust: 0.3

sources: BID: 37766

DESCRIPTION

SAP MaxDB is prone to an unspecified information-disclosure vulnerability and an unspecified denial-of-service vulnerability.
Very few details are currently available regarding these issues. We will update this BID as more information emerges.
Attackers can exploit these issues to a cause a denial-of-service condition or obtain sensitive information.
SAP MaxDB 7.6.06 is vulnerable; other versions any also be affected.

Trust: 0.3

sources: BID: 37766

AFFECTED PRODUCTS

vendor:

sap

model:

maxdb

scope:

version:

7.6.6

Trust: 0.3

sources: BID: 37766

EXPLOIT

A working commercial exploit is available through the Intevydis VulnDisco package. This exploit is not otherwise publicly available or known to be circulating in the wild.

Trust: 0.3

sources: BID: 37766

PRICE

Free

Trust: 0.3

sources: BID: 37766

TYPE

Unknown

Trust: 0.3

sources: BID: 37766

CREDITS

Intevydis

Trust: 0.3

sources: BID: 37766

EXTERNAL IDS

db:

BID

id:

37766

Trust: 0.3

sources: BID: 37766

REFERENCES

url:	http://intevydis.com/company.shtml	Trust: 0.3
url:	https://www.sdn.sap.com/irj/sdn/maxdb	Trust: 0.3

sources: BID: 37766

SOURCES

db:

BID

id:

37766

LAST UPDATE DATE

2022-07-27T09:50:24.545000+00:00

SOURCES UPDATE DATE

db:

BID

id:

37766

date:

2010-01-13T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

37766

date:

2010-01-13T00:00:00