CVE-2008-0621

Sažetak

Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.

Reference

http://secunia.com/advisories/28786
http://secunia.com/advisories/28811
http://securityreason.com/securityalert/3619
http://www.securityfocus.com/archive/1/487508/100/0/threaded
http://www.securityfocus.com/archive/1/487575/100/0/threaded
http://www.securityfocus.com/bid/27613
http://www.securitytracker.com/id?1019300
http://www.vupen.com/english/advisories/2008/0409
http://www.vupen.com/english/advisories/2008/0438
https://www.exploit-db.com/exploits/5079

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

15-10-2018 - 22:02

Objavljeno

06-02-2008 - 12:00