Content area

Abstract

Translate

The SAP Adaptive Server Enterprise (ASE), previously known as Sybase SQL Server, is a high-performance relational database server with on-premise and cloud deployment options that is used by over 30,000 organizations worldwide, including over 90% of the world's top 50 banks and security firms, according to SAP marketing materials. The problem is that the password to login into this helper database is stored in a configuration file that is readable by all users of the operating system, which means an attacker with access to a local non-privileged Windows account can access the helper database and issue commands that can result in the overwriting of operating system files. Since XP Server runs as LocalSystem, exploitation of this flaw can lead to arbitrary code execution with full system privileges.

Details

1007133
Key topics
Powered by Web of Science® Description for Powered by Web of Science
SQL Server;
Server
Subject
Operating systems;
Databases;
Access control;
Researchers;
Servers;
Windows (computer programs);
Relational data bases;
Query languages
Title
Install latest SAP Adaptive Server Enterprise patches, experts urge
Author
Constantin, Lucian
Publication title
CSO (Online); Framingham
Publication year
2020
Publication date
Jun 3, 2020
Publisher
Foundry
Place of publication
Framingham
Country of publication
United States
Publication subject
COMPUTERS--COMPUTER SECURITY, Criminology And Law Enforcement--Security
Source type
Trade Journal
Language of publication
English
Document type
News
ProQuest document ID
2408958772
Document URL
https://www.proquest.com/trade-journals/install-latest-sap-adaptive-server-enterprise/docview/2408958772/se-2?accountid=208611
Copyright
Copyright CXO Media, Inc. Jun 3, 2020
Last updated
2024-11-20
Database
ProQuest One Academic