SAP

All CVEs

1,818 total · sorted by risk
  • CVE-2002-1579 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.02

    SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error.

  • CVE-2003-1037 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.03

    Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows remote attackers to execute arbitrary code via a high "trace level."

  • CVE-2003-1034 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.00

    The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs.

  • CVE-2003-1039 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.03

    Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server.

  • CVE-2003-1038 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.01

    The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames.

  • CVE-2002-1577 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.01

    SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts.

  • CVE-2002-1578 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.03

    The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.

  • CVE-2003-1033 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.00

    The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that…

  • CVE-2003-1036 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.03

    Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header.

  • CVE-2003-0938 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.00

    vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.

  • CVE-2003-0945 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.01

    The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.

  • CVE-2003-0939 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.03

    eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from…

  • CVE-2003-0940 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.02

    Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.

  • CVE-2003-0942 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.

  • CVE-2003-0943 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.01

    web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web…

  • CVE-2003-0941 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.01

    web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.

  • CVE-2003-0944 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.

  • CVE-2001-0366 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.01

    saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program.
