database.sarang.net
UserID
Passwd
Database
DBMS
ㆍMySQL
PostgreSQL
Firebird
Oracle
Informix
Sybase
MS-SQL
DB2
Cache
CUBRID
LDAP
ALTIBASE
Tibero
DB 문서들
스터디
Community
공지사항
자유게시판
구인|구직
DSN 갤러리
도움주신분들
Admin
운영게시판
최근게시물
MySQL News 23505 게시물 읽기
 News | Q&A | Columns | Tutorials | Devel | Files | Links
No. 23505
sap-db-data-access (8972)
작성자
정재익(advance)
작성일
2002-08-09 13:27
조회수
6,852

SAP R/3 used with Oracle could allow an attacker to access SAP data

SECURITY (Intermediate alert)

 

원본출처 : http://www.iss.net/security_center/static/8972.php

 

Description:

 

SAP is a financial package that runs on top of Oracle databases. SAP R/3 using SQL*net V2 could allow a remote attacker to access SAP data. Upon default installation of SAP R/3 on an Oracle database, an attacker on the local network could access the Oracle listener port on the database host to read, write, or modify SAP data.

 

 

Platforms Affected:

 

Oracle: All Versions

SAP R/3: All Versions

 

Remedy:

 

No remedy available as of May 2002.

 

Refer to the BugTraq Mailing List posting dated Apr 27 2002 7:06AM for workaround information. See References.

 

Consequences:

 

Gain Access

 

References:

 

BugTraq Mailing List, Apr 27 2002 7:06AM, "SAP R/3 on Oracle: vulnerable Default Installation" at http://online.securityfocus.com/archive/1/269967

 

Standards associated with this entry:

BID-4613: SAP R/3 with Oracle Unauthorized Data Access Vulnerability

 

Reported:

April 27 2002.

[Top]
No.
제목
작성자
작성일
조회
23666MySQL QUery Browser 1.1.7 has been released.
이경환
2005-05-03
8511
23507New MaxDB 7.6 bata released
이창민
2005-03-09
8211
23506SAPDB 의 local root 의 취약점
정재익
2003-05-16
7214
23505sap-db-data-access (8972)
정재익
2002-08-09
6852
23299MySQL 4.1.10a and 4.0.24 Released
이창민
2005-03-14
8298
23220MySQL 4.1.10 has been released
이창민
2005-03-02
6982
22674MS 소스 코드 오픈소스 데이터베이스 ‘MySQL’ 차기 버전에 쓰일 전망
정재익
2004-11-11
9836
Valid XHTML 1.0!
All about the DATABASE... Copyleft 1999-2024 DSN, All rights reserved.
작업시간: 0.016초, 이곳 서비스는
	PostgreSQL v16.2로 자료를 관리합니다