On Friday 01 February 2002 14:27, Nick Wilkens wrote: > I was unable to recreate this using SAPGUI 46D patch level 483 or 6.10 > Patch 13. Which patch of 4.6D are you using? And was it anything in > particular you sent to the port that caused the crash? > > Nick Wilkens > > >>> Falk Siemonsmeier <Falk.Siemonsmeier@t-online.de> 1/28/02 1:00:55 PM > >>> >>> > > The Sapgui 4.6D for Windows that we use at work, open a port > listen on a port >1024, wenn you connect to this port, maybee > with nmap or nc or something else, the sapgui crashed with > "unknown connection data". Can you reproduce this? Or is it a > local Problem? > > > Greetings > Falk I tested with 46D Finale Release, File Version 4640.4.302.2172, and it is vulnerable. There are 3 Ports (at least) open above 1024, and if the middle one gets a syn packet, and the connection is closed thereafter, SAPGui reports "Failed to read connect data" and terminates. This works with telnetting to that middle port or with using nmap -sS. Andreas ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been scanned for the presence of computer viruses. **********************************************************************
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 16:38:38 PST