CVE-2009-4603

EUVD-2009-4569
Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. NOTE: some of these details are obtained from third party information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
sapsap_kernel
6.40
sapsap_kernel
7.00
sapsap_kernel
7.01
sapsap_kernel
7.10
sapsap_kernel
7.11
sapsap_kernel
7.20
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/37684
http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf
http://www.securityfocus.com/bid/37286
http://www.securitytracker.com/id?1023319
https://service.sap.com/sap/support/notes/1302231
http://secunia.com/advisories/37684
http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf
http://www.securityfocus.com/bid/37286
http://www.securitytracker.com/id?1023319
https://service.sap.com/sap/support/notes/1302231