Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP MaxDB serv.exe服务畸形握手请求远程代码执行漏洞
Vulnerability Description
MaxDB是SAP应用中广泛使用的数据库管理系统。 MaxDB中默认监听于TCP 7210端口上的serv.exe进程错误地信任了握手报文中的值并在将数据拷贝到栈上时将该值用作了长度。如果远程攻击者在请求报文中提供了恶意的值和报文数据,就可以导致以SYSTEM用户权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A