SAP Business One 2005-A License Manager Remote Overflow PoC

vendor:

SAP Business One 2005-A License Manager

by:

Mike Arnold

7.5

CVSS

HIGH

Stack-based Buffer Overflow

CWE

Product Name: SAP Business One 2005-A License Manager

Affected Version From: SAP Business One 2005-A (6.80.123) SP:00 PL:06

Affected Version To: SAP Business One 2005-A (6.80.320) SP:01 PL:34

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Windows Server 2003 R2 Std/Ent Service Pack 2

SAP Business One 2005-A License Manager Remote Overflow PoC

NT_Naming_Service.exe (License Manager 2005 for SAP Business One 2005-A) is vulnerable to a stack-based buffer overflow allowing for full system compromise by an unauthenticated user that has TCP/IP access to SAP's license service on TCP port 30000.

Mitigation:

Source

SAP Business One 2005-A License Manager Remote Overflow PoC

Mitigation:

Exploit-DB raw data: