Release date:
Updated on: 2013-03-15
Affected Systems:
SAP NetWeaver 7.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 58486
SAP NetWeaver is the integrated technology platform of SAP and the technical foundation of all SAP applications since SAP Business Suite.
SAP NetWeaver has an error in the implementation of Development Infrastructure (DI) and can be used to upload arbitrary files.
<* Source: Dmitry Chastukhin
Link: http://secunia.com/advisories/52612/
Http://erpscan.com/advisories/dsecrg-13-004-sap-netweaver-di-arbitrary-file-upload/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
SAP
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.sap.com/platform/netweaver/index.epx