SAP Eliminates Vulnerabilities Detected by Positive Research

At the end of 2011, SAP products proved to contain a whole number of vulnerabilities (one, two, and three – in Russian) that would have allowed conducting a DoS attack. The vulnerabilities were detected by Vladimir Zarichny, a specialist of Positive Research.

The details of the vulnerabilities were provided to the vendor, and in May, 2012, SAP released a patch that fixes these and some other security flaws. The specialist’s work has been acknowledged by the SAP Product Security Response team: Vladimir’s name has been placed on SAP’s wall of fame (Acknowledgements Page).

This is far from being the only one example of a successful cooperation between Positive Research experts and SAP specialists that results in elimination of severe security flaws. At present, the vendor developers are working on a patch that fixes another vulnerability detected by the Positive Research experts (Ilya Smith, Maksim Tsoy, Kirill Mosolov, and Evgeny Ryzhov).

One thought on “SAP Eliminates Vulnerabilities Detected by Positive Research

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.