At the end of 2011, SAP products proved to contain a whole number of vulnerabilities (one, two, and three - in Russian) that would have allowed conducting a DoS attack. The vulnerabilities were detected by Vladimir Zarichny, a specialist of Positive Research.
The details of the vulnerabilities were provided to the vendor, and in May, 2012, SAP released a patch that fixes these and some other security flaws. The specialist’s work has been acknowledged by the SAP Product Security Response team: Vladimir’s name has been placed on SAP’s wall of fame (Acknowledgements Page).
This is far from being the only one example of a successful cooperation between Positive Research experts and SAP specialists that results in elimination of severe security flaws. At present, the vendor developers are working on a patch that fixes another vulnerability detected by the Positive Research experts (Ilya Smith, Maksim Tsoy, Kirill Mosolov, and Evgeny Ryzhov).
The details of the vulnerabilities were provided to the vendor, and in May, 2012, SAP released a patch that fixes these and some other security flaws. The specialist’s work has been acknowledged by the SAP Product Security Response team: Vladimir’s name has been placed on SAP’s wall of fame (Acknowledgements Page).
This is far from being the only one example of a successful cooperation between Positive Research experts and SAP specialists that results in elimination of severe security flaws. At present, the vendor developers are working on a patch that fixes another vulnerability detected by the Positive Research experts (Ilya Smith, Maksim Tsoy, Kirill Mosolov, and Evgeny Ryzhov).
This comment has been removed by a blog administrator.
ReplyDelete