Bugtraq mailing list archives

Re: [Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector

From: david.durham () jo-annstores com
Date: 19 Feb 2010 15:06:05 -0000

The communication you have posted appears to be inconsistent with the note 1175239 SAP has issued.

If I've read the SAP note correctly:
SAP JAVA CORE 7.00 < SP22 is affected

According to your posting:
SAP JAVA CORE 7.00 < SP02 is affected

Current thread:

[Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector Onapsis Research Labs (Feb 11)
- <Possible follow-ups>
- Re: [Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector david . durham (Feb 19)