SAP Login Security Flaw

Sources:

- SAP Patches Login Security Flaw in ASE Database: http://www.doblerconsulting.com/db-tech-trends/sap-patches-login-security-flaw-in-ase-database/
- SAP patches login flaw in ASE database: http://www.pcworld.com/article/2914532/sap-patches-login-flaw-in-ase-database.html

SAP patched a flaw on Thursday that could allow an attacker to take complete control of a database, according to security vendor Trustwave. The flaw (CVE-2014-6284) affects SAP's Adaptive Server Enterprise (ASE), a relational database for Unix, Linux and Windows systems designed for high volumes of data-rich transactions. Vulnerable versions are 12.5, 15, 15.5, 15.7 and 16. Martin Rakhmanov, a senior security researcher at Trustwave, found an error in the challenge-and-response mechanism used to access ASE. The account obtained through the flaw is not a privileged one, but Trustwave said other flaws allow its privileges to be escalated to those of a database administrator. "Combined with such privilege elevation vulnerabilities, this one allows complete takeover of the database server," Trustwave said in its advisory. Trustwave published proof-of-concept code on GitHub. SAP has also released a security note, but login details are required to view it.

"SAP ASE ships with a login named 'probe' used for the two-phase commit probe process, which uses a challenge and response mechanism to access Adaptive Server. There is a flaw in implementation of the challenge and response mechanism that allows anyone to access the server as 'probe' login. While the 'probe' is not a privileged account, other flaws exist that allow privilege elevation from regular database user to database administrator. Combined with such privilege elevation vulnerabilities this one allows complete takeover of the database server."

https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2014-6284—-Probe–login-access-vulnerability-in-SAP-ASE/?page=1&year=0&month=0

Fixed versions:

- ASE 15.7 SP132
- ASE 16.0 SP01
