• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1500307

Главная Специалистам База уязвимостей Не установлено обновление Note 1500307

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1500307-1) SAP Support Packages (SAPK-70102INSRMSRV, SAPKIBKV10)
Описание
(Infinite loop) A malicious user can trigger a condition in which the  process enters an infinite loop, which causes it to consume all  available processing time.This results in the entire machine being  unresponsive until the process is manually killed. An adversary can use this flaw to launch a Denial of Service (DoS) attack.

Resource exhaustion) The problem is caused by a resource exhaustion  condition. An attacker can launch a specifically crafted request that results in the process consuming excessive resources.
Thus, no other processes can allocate new resources and the system is  rendered unavailable. This condition can be intentionally provoked by an adversary in order to cause a Denial of Service.
Как исправить
Import the corresponding support package or implement the attached advance correction manually.
Ссылки