Home >Backend Development >PHP Tutorial >SAP MaxDB MySQL patches serious database vulnerabilities_PHP tutorial
SAP MaxDB MySQL patches serious database vulnerabilities_PHP tutorial
- WBOYOriginal
- 2016-07-13 17:03:09976browse
Recently, SAP developers have fixed a serious vulnerability in the SAP MaxDB database, which can be exploited by hackers to execute malicious code.
Researcher Olive Karow from Symantec discovered this database vulnerability. This vulnerability is patched in the latest version of MaxDB 7.6.00.31.
According to a report released by Symantec, “By sending a distorted HTTP request, an attacker can gain permissions of the wahttp process to execute malicious code. No authentication is required to succeed. Exploiting this vulnerability."
According to Symantec's report, there is a temporary workaround that allows MaxDB customers to disable SAP-DB's WWW service or control its access. SAP customers can download the latest version of the database from www.service.sap.com.
In 2004, SAP reached an agreement with the open source database MySQL to share SAP DB patents, and the database was subsequently renamed MaxDB. MaxDB is optimized to run with mySAP Business Suite and MySQL database management systems.
Original link: http://searchsap.techtarget.com/originalContent/0,289142,sid21_gci1213576,00.html
(t114 )