Leading SAP AG partner in discovering and solving security vulnerabilities                                 Request DEMO             
DSECRG Advisories

[DSECRG-12-009] SAP NetWeaver PFL_CHECK_OS_FILE_EXISTENCE – missing authorization check and SMB Relay vulnerability

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver
Vendor URL: http://www.sap.com
Bugs:Auth bypass, Verb tampering
Exploits: YES
Reported: 13.05.2011
Vendor response:15.05.2011
Date of Public Advisory:20.01.2011
Author:Alexey Tyurin

Description

Missing authorization check in FRC function PFL_CHECK_OS_FILE_EXISTENCE.

Business Risk

Attacker can execute vulnerable transaction, programm or RFC function remotely without authentication because authorization check is missing. It can lead to various threats, from information disclosure to full system compromise.