Denial of Service Vulnerability in SAP Web Application Server
CVE-2006-6011

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Web Application Server
Vendor: CVE Published:; 21 November 2006

What is CVE-2006-6011?

A vulnerability exists in the SAP Web Application Server prior to version 6.40 patch 6 that allows remote attackers to exploit the server by sending a specific UDP packet to port 64999. This attack can lead to the server process, enserver.exe, crashing, resulting in a denial of service. This issue is recognized as a 'two bytes UDP crash' and should be addressed to prevent potential service interruptions.

References

http://securityreason.com/securityalert/1889

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/451378/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2006
Vulnerability Reserved
Nov 21, 2006