The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of SAP Web AS: several vulnerabilities

Synthesis of the vulnerability 

A remote attacker can read a file or generate a denial of service, and a local attacker can elevate his privileges.
Impacted software: SAP ERP, NetWeaver.
Severity of this computer vulnerability: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 02/11/2006.
Revision date: 09/02/2007.
Références of this announce: BID-20873, BID-20877, CVE-2006-5784, CVE-2006-5785, VIGILANCE-VUL-6274.

Description of the vulnerability 

The SAP Application Server product has three vulnerabilities.

A remote attacker can read a file with rights of SAP. [severity:2/4; BID-20877, CVE-2006-5784]

A remote attacker can stop the enserver.exe process. [severity:2/4; BID-20873, CVE-2006-5785]

A local attacker can obtain privileges of the SAPServiceJ2E user under Windows 2000 pre-SP4, Windows XP pre-SP2 and Windows NT. [severity:2/4]
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security announce impacts software or systems such as SAP ERP, NetWeaver.

Our Vigil@nce team determined that the severity of this threat is medium.

The trust level is of type confirmed by a trusted third party, with an origin of internet client.

This bulletin is about 3 vulnerabilities.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this computer vulnerability announce.

Solutions for this threat 

SAP Web AS: patch and workarounds.
A patch is available (
  SAP Web AS 6.40 : patch 136
  SAP Web AS 7.00 : patch 66
They are described in notes 948457 and 959877.
A workaround is to:
 - filter TCP ports number 3200 to 3299 (3200+SYSNR)
 - deactivate Windows accounts for users (not administrators)
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computers vulnerabilities watch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.