PT-2005-4392 · SAP · SAP Web Application Server

Author: Leandro Meiners · Published: 2005-11-16 · Updated: 2017-07-11 · CVE-2005-3634

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: SAP Web Application Server (WAS) versions 6.10 through 7.00

Description: The issue allows remote attackers to log users out and redirect them to arbitrary web sites. This is achieved by supplying a close command in the sap-sessioncmd parameter together with an attacker-chosen URL in the sap-exiturl parameter of the frameset.htm file of the BSP runtime; the server terminates the session and sends the browser to the supplied URL.

Recommendations: For SAP Web Application Server (WAS) versions 6.10 through 7.00, consider restricting access to the sap-sessioncmd and sap-exiturl parameters to minimize the risk of exploitation. Avoid using the sap-sessioncmd parameter with a close command and the sap-exiturl parameter with an arbitrary URL in the frameset.htm file until the issue is resolved.
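A defender-side check for this issue, as an added example that is not part of the original advisory: it scans web-server access-log lines (constructed here) for requests to frameset.htm that combine sap-sessioncmd=close with a sap-exiturl whose host is outside an allow-list of trusted redirect targets. The log format, the BSP path, the host names and the allow-list are assumptions, not values from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed allow-list of hosts a legitimate sap-exiturl may point to.
TRUSTED_HOSTS = {"sap.example.com"}

# Common-log-format line: ip ident user [time] "METHOD URL PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3})'
)


def suspicious_exit_url(url):
    """Return the sap-exiturl value if the request asks the BSP runtime to close
    the session and redirect to a host outside TRUSTED_HOSTS, else None."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/frameset.htm"):
        return None
    query = parse_qs(parts.query)           # percent-decodes parameter values
    commands = [v.lower() for v in query.get("sap-sessioncmd", [])]
    if "close" not in commands:
        return None
    for target in query.get("sap-exiturl", []):
        host = urlsplit(target).hostname
        # Relative targets stay on the same origin; absolute ones must be trusted.
        if host is not None and host.lower() not in TRUSTED_HOSTS:
            return target
    return None


def scan_log(lines):
    """Return (client_ip, exit_url) pairs for forced logout-and-redirect requests."""
    hits = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue                        # skip lines that do not parse
        target = suspicious_exit_url(match.group("url"))
        if target is not None:
            hits.append((match.group("ip"), target))
    return hits


# Constructed sample log lines; the BSP application path is assumed.
SAMPLE_LOG = [
    '10.0.0.5 - - [16/Nov/2005:10:00:00 +0000] "GET /sap/bc/bsp/sap/app01/frameset.htm?sap-sessioncmd=close&sap-exiturl=http%3A%2F%2Fattacker.example%2Flogin HTTP/1.1" 302 0',
    '10.0.0.6 - - [16/Nov/2005:10:00:01 +0000] "GET /sap/bc/bsp/sap/app01/frameset.htm?sap-sessioncmd=close&sap-exiturl=https%3A%2F%2Fsap.example.com%2Fportal HTTP/1.1" 302 0',
    '10.0.0.7 - - [16/Nov/2005:10:00:02 +0000] "GET /sap/bc/bsp/sap/app01/frameset.htm?sap-sessioncmd=open HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for ip, target in scan_log(SAMPLE_LOG):
        print(f"{ip} forced logout with external sap-exiturl {target}")
```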


Related Identifiers: CVE-2005-3634

Affected Products: SAP Web Application Server