A critical security hole in the SAP DB and MaxDB databases allows attackers to gain control over the service. SAP-DB/MaxDB is a heavy-duty, SAP-certified open source database for OLTP and OLAP usage which offers high reliability, availability, scalability and a very comprehensive feature set.
It is targeted for large mySAP Business Suite environments and other applications that require maximum enterprise-level database functionality and complements the MySQL database server. The flaw is located in the web management portion of the database´s WebDBM, Symantec reports. Specially prepared HTTP requests with overlong database names can be used to plant code by provoking a buffer overflow, and then execute that code with the web server´s rights (wahttp). No prior authentication is needed for this.
The flaw was found in MaxDB version 7.6.00.22, although previous versions are potentially also affected. The manufacturer has removed the hole in MaxDB 7.6.00.31. No update is available for SAP-DB, which is no longer under continued development.