Buffer Overflow Vulnerability in SAPLPD 6.28 and Earlier by SAP
CVE-2008-0621

Currently unrated

Key Information:

Vendor: SAP
Status: SAPgui; SAPlpd; SAPsprint
Vendor: CVE Published:; 6 February 2008

What is CVE-2008-0621?

The vulnerability in SAPLPD versions 6.28 and earlier, part of SAP GUI 7.10, allows remote attackers to exploit buffer overflow conditions. By supplying overly long arguments to specific LPD commands (0x01 to 0x05), attackers can potentially execute arbitrary code on the affected system. This flaw poses significant risks, enabling unauthorized actions that could compromise the integrity and confidentiality of system operations.

References

http://secunia.com/advisories/28786

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/487575/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2008/0409

vdb-entryx_refsource_VUPEN

EPSS Score

88% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 6, 2008
Vulnerability Reserved
Feb 5, 2008