Title: SAP NetWeaver Process Integration (PI) PI SDK XML Parser XML Request Validation XXE Tunnelling Remote Admin Command Execution
Info
Dates
Disclosure: Oct 22, 2012
Discovery: Unknown
Exploit: Unknown
Solution: Unknown
Description
SAP NetWeaver Process Integration (PI) contains a flaw that is triggered when the PI SDK XML parser encounters an error while validating incoming XML requests that carry a user-supplied Document Type Definition (DTD). This may allow a remote attacker to execute arbitrary administrator commands and to perform XML External Entity (XXE) tunnelling via the gopher URI scheme.
The vendor has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section. There are no known workarounds or upgrades to correct this issue.