Since mine match, I just didn’t have to worry about it.Release mode: Coordinated release 2. Vulnerability InformationĬlass: Unchecked Return Value, TOCTOU Race Condition Vulnerabilities were found in the extraction of specially crafted archive files, that could lead to local denial of service conditions or privilege escalation. SAP published the following Security Notes: Vendor Information, Solutions and Workarounds Other products and versions might be affected, but they were not tested. This vulnerability was discovered and researched by Martin Gallo from Core Security Consulting Services. Technical Description / Proof of Concept Code The publication of this advisory was coordinated by Joaquin Rodriguez Varela from Core Advisories Team. SAP distributes software and packages using an archive program called SAPCAR. This program uses a custom archive file format. Vulnerabilities were found in the extraction of specially crafted archive files, that could lead to denial of service conditions or escalation of privileges. The code that handles the extraction of archive files is prone to privilege escalation and denial of service vulnerabilities. Denial of service vulnerability due the SAPCAR program not checking the return value of file operations when extracting files. This might result in the program crashing when trying to extract files from an specially crafted archive file that contains invalid file names for the target platform. Of special interest are applications or solutions that makes use of SAPCAR in an automated way. : Core Security sent an initial notification to SAP.: SAP confirmed the reception of the email and requested the draft version of the advisory.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |