SAProuter Remote Authentication Bypass (Note 1853140)

Medium Nessus Plugin ID 72263

Synopsis

The remote application is susceptible to an authentication bypass attack.

Description

The remote host has a version of SAProuter that is affected by an authentication bypass vulnerability. When started with the '-X' flag, SAProuter permits routing to itself given a 'saprouttab' that allows access to its port. An unauthenticated, remote attacker can issue commands to SAProuter.

Solution

Restart SAProuter without '-X' and review the permissions in 'saprouttab'.

See Also

https://service.sap.com/sap/support/notes/1853140

http://www.nessus.org/u?6db5b37c

Plugin Details

Severity: Medium

ID: 72263

File Name: sap_router_note1853140.nasl

Version: 1.6

Type: remote

Family: General

Published: 2014/02/03

Modified: 2018/11/15

Dependencies: 72262

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:sap:network_interface_router

Required KB Items: Services/sap_router

Exploit Available: false

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 2013/11/12

Reference Information

CVE: CVE-2013-7093

BID: 64230