DB: SAP MaxDB Remote Arbitrary Commands Execution
This signature detects attempts to exploit a known vulnerability against SAP MaxDB. A successful attack can lead to arbitrary code execution.
Extended Description
SAP MaxDB is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input. Successfully exploiting this issue allows remote attackers to execute arbitrary shell commands with the privileges of the database server. Multiple database commands expose this issue, including one that is available prior to authentication. MaxDB 7.6.03 build 007 is vulnerable to this issue; other versions may also be affected.
Affected Products
Sap maxdb
Short Name
DB:MYSQL:MAXDB-CMD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
Arbitrary CVE-2008-0244 Commands Execution MaxDB Remote SAP bid:27206
Release Date
09/16/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/7210
False Positive
Unknown
Vendors
Sap
CVSS Score
10.0