Re: Sapgui 4.6D for Windows

[Andreas Baetz <andreas.baetz () herma de>]

On Friday 01 February 2002 14:27, Nick Wilkens wrote:
> I was unable to recreate this using SAPGUI 46D patch level 483 or 6.10
> Patch 13.   Which patch of 4.6D are you using?      And was it anything in
> particular you sent to the port that caused the crash?
>
>  Nick Wilkens
>
> > > > Falk Siemonsmeier <Falk.Siemonsmeier () t-online de> 1/28/02 1:00:55 PM
> > > > > > >
>
> The Sapgui 4.6D for Windows that we use at work, open a port
> listen on a port >1024, wenn you connect to this port, maybee
> with nmap or nc or something else, the sapgui crashed with
> "unknown connection data". Can you reproduce this? Or is it a
> local Problem?
>
>
> Greetings
> Falk

I tested with 46D Finale Release, File Version 4640.4.302.2172,
and it is vulnerable. There are 3 Ports (at least) open above 1024,
and if the middle one gets a syn packet, and the connection is
closed thereafter, SAPGui reports "Failed to read connect data" 
and terminates. This works with telnetting to that middle port or
with using nmap -sS.

Andreas


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been scanned
for the presence of computer viruses.
**********************************************************************