Vulnerability Name: | CVE-2006-0732 (CCN-24750) | ||||||||
Assigned: | 2006-02-15 | ||||||||
Published: | 2006-02-15 | ||||||||
Updated: | 2018-10-19 | ||||||||
Summary: | Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. Note: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means. Apply patches (see SAP note 906401 and 908349). | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H)
| ||||||||
CVSS v2 Severity: | 6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N) 4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
6.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:N/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | File Manipulation | ||||||||
References: | Source: CCN Type: Full-Disclosure Mailing List, Wed Feb 15 2006 - 07:31:06 CST CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC Source: CCN Type: Full-Disclosure Mailing List, Mon May 15 2006 - 07:46:04 CDT CYBSEC - Security Advisory: Arbitrary File Read/Delete in SAP BC (Business Connector) Source: MITRE Type: CNA CVE-2006-0732 Source: CCN Type: SA18880 SAP Business Connector Arbitrary File Access and Spoofing Source: SECUNIA Type: Vendor Advisory 18880 Source: CCN Type: SECTRACK ID: 1015639 SAP Business Connector Bugs Let Remote Users View or Delete Files and Conduct Phishing Attacks Source: SECTRACK Type: UNKNOWN 1015639 Source: CCN Type: SECTRACK ID: 1016090 SAP Business Connector Lets Remote Authenticated Users View and Delete Files Source: SECTRACK Type: UNKNOWN 1016090 Source: CCN Type: SECTRACK ID: 1016122 SAP sapdba Command for Informix Environment Variable Bug Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1016122 Source: MISC Type: UNKNOWN http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf Source: MISC Type: Vendor Advisory http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf Source: BUGTRAQ Type: UNKNOWN 20060215 CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAPBC Source: BUGTRAQ Type: UNKNOWN 20060515 CYBSEC - Security Advisory: Arbitrary File Read/Delete in SAP BC(Business Connector) Source: BID Type: UNKNOWN 16668 Source: CCN Type: BID-16668 SAP Business Connector Remote Arbitrary File Access And Deletion Vulnerability Source: VUPEN Type: UNKNOWN ADV-2006-0611 Source: XF Type: UNKNOWN sapbc-monitoring-file-access(24750) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |