CVE-2007-1918

Sažetak

The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Reference

http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf
http://www.securityfocus.com/bid/23309
http://secunia.com/advisories/24722
http://securityreason.com/securityalert/2540
http://www.vupen.com/english/advisories/2007/1270
https://exchange.xforce.ibmcloud.com/vulnerabilities/33418
http://www.securityfocus.com/archive/1/464685/100/0/threaded

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

22-09-2021 - 14:22

Objavljeno

10-04-2007 - 23:19