Skip links

RFC Work processes terminate in the XML parser, SAP security note 1469549

Description

The XML parser of the RFC reports the error “Stack overflow”. However, further processing of the error causes the work process to crash.

Available fix and Supported packages

  • SAP_BASIS | 640 | 640
  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 710 | 720
  • SAP_BASIS | 72L | 72L
  • SAP KERNEL 6.40 32-BIT | SP331 | 000331
  • SAP KERNEL 6.40 32-BIT UNICODE | SP331 | 000331
  • SAP KERNEL 6.40 64-BIT | SP331 | 000331
  • SAP KERNEL 6.40 64-BIT UNICODE | SP331 | 000331
  • SAP KERNEL 6.40_EX2 32-BIT | SP331 | 000331
  • SAP KERNEL 6.40_EX2 32-BIT UC | SP331 | 000331
  • SAP KERNEL 6.40_EX2 64-BIT | SP331 | 000331
  • SAP KERNEL 6.40_EX2 64-BIT UC | SP331 | 000331
  • SAP KERNEL 7.00 32-BIT | SP258 | 000258
  • SAP KERNEL 7.00 32-BIT UNICODE | SP258 | 000258
  • SAP KERNEL 7.00 64-BIT | SP258 | 000258
  • SAP KERNEL 7.00 64-BIT UNICODE | SP258 | 000258
  • SAP KERNEL 7.01 32-BIT | SP097 | 000097
  • SAP KERNEL 7.01 32-BIT UNICODE | SP097 | 000097
  • SAP KERNEL 7.01 64-BIT | SP097 | 000097
  • SAP KERNEL 7.01 64-BIT UNICODE | SP097 | 000097
  • SAP KERNEL 7.10 32-BIT | SP203 | 000203
  • SAP KERNEL 7.10 32-BIT UNICODE | SP203 | 000203
  • SAP KERNEL 7.10 64-BIT | SP203 | 000203
  • SAP KERNEL 7.10 64-BIT UNICODE | SP203 | 000203

Affected component

    BC-MID-RFC
    RFC

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1469549

TAGS

#PARAMETER_CONVERSION_ERROR

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies