CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.3%
Added: 06/04/2012
CVE: CVE-2012-2611
OSVDB: 81759
SAP Netweaver is a technology platform for building and integrating SAP business applications.
SAP Netweaver is vulnerable to a stack buffer overflow when configured with the developer trace level set to 2 or higher. The vulnerability can be triggered by sending specially crafted SAP Diag packets to remote TCP port 32##
(where ##
is the SAP system number) of a host running the Dispatcher service of SAP Netweaver Application Server. The specific vulnerability is in the DiagTraceR3Info
function in disp+work.exe
7010.29.15.58313 and 7200.70.18.23869.
Contact the vendor for an update.
<http://cxsecurity.com/cveshow/CVE-2012-2611/>
This exploit has been tested on SAP NetWeaver 7.01 SR1 and SAP NetWeaver 7.02 SP06 on Windows Server 2003 SP2 English (DEP OptOut).
SAP NetWeaver 7.01 SR1 only listens on IPv4.
The NetWeaver developer trace level must be set to 2 or higher for the exploit to succeed. This is done by modifying the instance profile file <install dir>\NSP\SYS\profile\NSP_DVEBMGS00_<instance name>
by adding the line “rdisp/TRACE = 2
”.
Windows