[ERPSCAN-12-009] SAP NetWeaver PFL_CHECK_OS_FILE_EXISTENCE – missing authorization check and SMB Relay vulnerability

DSECRG Advisories

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver
Vendor URL: http://www.sap.com
Bugs:Auth bypass, Verb tampering
Exploits: YES
Reported: 13.05.2011
Vendor response:15.05.2011
Date of Public Advisory:20.01.2011
Author:Alexey Tyurin

Missing authorization check in FRC function PFL_CHECK_OS_FILE_EXISTENCE.

Business Risk
Attacker can execute vulnerable transaction, programm or RFC function remotely without authentication because authorization check is missing. It can lead to various threats, from information disclosure to full system compromise.