Vulnerability CVE-2009-4603
Published: 2010-01-12   Modified: 2012-02-13

Description:
Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. NOTE: some of these details are obtained from third party information.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
SAP -> Sap kernel 

 References:
https://service.sap.com/sap/support/notes/1302231
http://www.securitytracker.com/id?1023319
http://www.securityfocus.com/bid/37286
http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf
http://secunia.com/advisories/37684
Copyright 2024, cxsecurity.com

 

Back to Top