http://www.crn.com/software/208400258 By Mario Morejon ChannelWeb May 27, 2008 After notification by our Test Center, SAP (NYSE:SAP) security experts have "fast-tracked" an investigation into potential holes in certain deployments of the software giant's server technology -- holes that apparently could leave entire data stores wide open to potential abuse by hackers. The Waldorf, Germany-based company is examining potentially alarming scenarios, brought to its attention by our Test Center, which found that one data store built on SAP technology revealed an easy opportunity for cyber criminals to gain access to a large corporate database. Fritz Bauspiess, director of SAP NetWeaver product management security, says the company is looking at the issue brought to its attention by the Test Center earlier this month. "The [SAP] team will work to see if they can replicate the issue and verify it, then will create a recommendation to customers on how to address (if one does not already exist)," Bauspiess said. The Test Center first began examining the issue earlier this month and, working with an SAP engineer for one large corporation, who talked to us on condition of not being named, pointed out the scenarios. The Test Center examined the specific deployment first hand, and identified the weaknesses. [...] _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Wed May 28 2008 - 00:24:27 PDT