Sign-up

ID

VAR-200611-0201


CVE

CVE-2006-5784


TITLE

SAP Web Application Server of enserver.exe Vulnerable to reading arbitrary files

Trust: 0.8

sources: JVNDB: JVNDB-2006-003418

DESCRIPTION

Unspecified vulnerability in enserver.exe in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote attackers to read arbitrary files via crafted data on a "3200+SYSNR" TCP port, as demonstrated by port 3201. NOTE: this issue can be leveraged by local users to access a named pipe as the SAPServiceJ2E user. SAP Web Application Server is prone to a remote information-disclosure vulnerability. An attacker can leverage this issue to gain access to sensitive data. Information obtained could aid in further attacks. These versions are affected: - 6.40 patch 135 and prior - 7.00 patch 55 and prior. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: SAP Web Application Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA22677 VERIFY ADVISORY: http://secunia.com/advisories/22677/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information, DoS WHERE: >From remote SOFTWARE: SAP Web Application Server 7.x http://secunia.com/product/6087/ SAP Web Application Server 6.x http://secunia.com/product/3327/ DESCRIPTION: Nicob has reported some vulnerabilities in SAP Web Application Server, which can be exploited by malicious people to disclose sensitive information or to cause a DoS (Denial of Service). 2) An unspecified error allows crashing the enserver.exe process. The vulnerabilities are reported in version 6.40 and 7.00. PROVIDED AND/OR DISCOVERED BY: Nicob ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2006-5784 // JVNDB: JVNDB-2006-003418 // BID: 20877 // PACKETSTORM: 51593

AFFECTED PRODUCTS

vendor:sapmodel:web application serverscope:eqversion:6.40

Trust: 1.9

vendor:sapmodel:web application serverscope:eqversion:7.00

Trust: 1.6

vendor:sapmodel:web application serverscope:ltversion:patch 136

Trust: 0.8

vendor:sapmodel:web application serverscope:eqversion:7.0

Trust: 0.3

sources: BID: 20877 // JVNDB: JVNDB-2006-003418 // CNNVD: CNNVD-200611-114 // NVD: CVE-2006-5784

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-5784
value: MEDIUM

Trust: 1.0

NVD: CVE-2006-5784
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200611-114
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2006-5784
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2006-003418 // CNNVD: CNNVD-200611-114 // NVD: CVE-2006-5784

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2006-5784

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200611-114

TYPE

Design Error

Trust: 0.9

sources: BID: 20877 // CNNVD: CNNVD-200611-114

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-003418

PATCH
title:SAP Web Application Serverurl:http://www.sap.com:80/solutions/netweaver/webappserver/index.asp
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-003418

EXTERNAL IDS
db:NVDid:CVE-2006-5784
Trust: 2.7
db:BIDid:20877
Trust: 1.9
db:SECUNIAid:22677
Trust: 1.7
db:SREASONid:1828
Trust: 1.6
db:VUPENid:ADV-2006-4318
Trust: 1.6
db:SECTRACKid:1017628
Trust: 1.6
db:EXPLOIT-DBid:3291
Trust: 1.6
db:JVNDBid:JVNDB-2006-003418
Trust: 0.8
db:BUGTRAQid:20070208 MULTIPLE VULNERABILITIES IN SAP WEBAS 6.40 AND 7.00 (TECHNICALDETAILS)
Trust: 0.6
db:BUGTRAQid:20061102 MULTIPLE VULNERABILITIES IN SAP WEB APPLICATION SERVER 6.40 AND7.00
Trust: 0.6
db:XFid:29982
Trust: 0.6
db:MILW0RMid:3291
Trust: 0.6
db:CNNVDid:CNNVD-200611-114
Trust: 0.6
db:PACKETSTORMid:51593
Trust: 0.1
sources:
            
            
            BID: 20877 // 
            
            
            
            JVNDB: JVNDB-2006-003418 // 
            
            
            
            PACKETSTORM: 51593 // 
            
            
            
            CNNVD: CNNVD-200611-114 // 
            
            
            
            NVD: CVE-2006-5784

REFERENCES
url:http://secunia.com/advisories/22677
Trust: 1.6
url:http://www.securitytracker.com/id?1017628
Trust: 1.6
url:http://www.securityfocus.com/bid/20877
Trust: 1.6
url:http://securityreason.com/securityalert/1828
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/29982
Trust: 1.0
url:http://www.vupen.com/english/advisories/2006/4318
Trust: 1.0
url:https://www.exploit-db.com/exploits/3291
Trust: 1.0
url:http://www.securityfocus.com/archive/1/450394/100/0/threaded
Trust: 1.0
url:http://www.securityfocus.com/archive/1/459499/100/0/threaded
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5784
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5784
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2006/4318
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/29982
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/459499/100/0/threaded
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/450394/100/0/threaded
Trust: 0.6
url:http://milw0rm.com/exploits/3291
Trust: 0.6
url:http://www.sap.com
Trust: 0.3
url:/archive/1/450394
Trust: 0.3
url:/archive/1/459499
Trust: 0.3
url:/archive/1/450779
Trust: 0.3
url:http://secunia.com/product/6087/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://corporate.secunia.com/products/48/?r=l
Trust: 0.1
url:http://secunia.com/advisories/22677/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://corporate.secunia.com/how_to_buy/15/?r=l
Trust: 0.1
url:http://secunia.com/product/3327/
Trust: 0.1
sources:
            
            
            BID: 20877 // 
            
            
            
            JVNDB: JVNDB-2006-003418 // 
            
            
            
            PACKETSTORM: 51593 // 
            
            
            
            CNNVD: CNNVD-200611-114 // 
            
            
            
            NVD: CVE-2006-5784

CREDITS
Nicob nicob@nicob.net
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200611-114

SOURCES
db:BIDid:20877
db:JVNDBid:JVNDB-2006-003418
db:PACKETSTORMid:51593
db:CNNVDid:CNNVD-200611-114
db:NVDid:CVE-2006-5784

LAST UPDATE DATE
2024-11-23T21:57:26.392000+00:00

SOURCES UPDATE DATE
db:BIDid:20877date:2007-02-08T23:18:00
db:JVNDBid:JVNDB-2006-003418date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-200611-114date:2007-08-08T00:00:00
db:NVDid:CVE-2006-5784date:2024-11-21T00:20:32.200

SOURCES RELEASE DATE
db:BIDid:20877date:2006-11-02T00:00:00
db:JVNDBid:JVNDB-2006-003418date:2012-12-20T00:00:00
db:PACKETSTORMid:51593date:2006-11-03T00:05:01
db:CNNVDid:CNNVD-200611-114date:2006-11-07T00:00:00
db:NVDid:CVE-2006-5784date:2006-11-07T23:07:00