Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SAP MaxDB Multiple Vulnerabilities



The remote database server is affected by multiple issues.


The remote host is running MaxDB, a database server from SAP. According to its version, the remote server is affected by multiple flaws. - A vulnerability in the 'vserver' process could allow an unauthenticated attacker to execute arbitrary code, subject to the privileges of the user under which the process operates. In order to successfully exploit this issue, an attacker must have prior knowledge of an active database name on the server. - A design error in 'sdbstarter' could allow an attacker to elevate his privileges to root level. - A vulnerability in cons.exe could allow command execution before authenticating to the database server.


Upgrade to SAP MaxDB 7.7.04 Build 08 / 7.7.03 Build 23 / 7.7.02 Build 20 / 7.6.05 Build 02 / 7.6.04 Build 06 / 7.6.03 Build 15 / 7.5.00 Build 48 or higher.