SAP Knowledge Base Article - Preview

3322470 - Security Enhancement to avoid file path traversal violation for "sysadmin dump_file" and "admin set_log_name" - SRS

Symptom

Security Enhancement to avoid file path traversal violation for "sysadmin dump_file" and "admin set_log_name".

For example, the commands below are vulnerable to path manipulation:
sysadmin dump_file, '../../dump.txt'
sysadmin dump_file, '/home/../dump.txt'
sysadmin dump_file, '..\../dump.txt'
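
A defensive check that rejects all three paths above, shown as an added example (it is not SAP's code, and the preview does not describe the actual SRS fix). The base directory `/opt/srs/dumps` and the function names are assumptions made for illustration.

```python
import posixpath

BASE = "/opt/srs/dumps"  # assumed directory that dump/log files must stay in

# The three example arguments quoted in the KBA symptom.
PAGE_EXAMPLES = ["../../dump.txt", "/home/../dump.txt", r"..\../dump.txt"]


class PathRejected(ValueError):
    """Raised when a user-supplied file name would leave the base directory."""


def confine(user_path: str, base_dir: str = BASE) -> str:
    """Return the normalized path under base_dir, or raise PathRejected."""
    if not user_path or "\x00" in user_path:
        raise PathRejected("empty path or NUL byte")
    # Treat '\' as a separator too, so '..\../dump.txt' cannot hide a
    # parent-directory segment from a '/'-only check.
    unified = user_path.replace("\\", "/")
    if ".." in unified.split("/"):
        raise PathRejected("parent-directory segment")
    base = posixpath.normpath(base_dir)
    # join() lets an absolute argument replace the base; the containment
    # test below then rejects it unless it already lies under the base.
    candidate = posixpath.normpath(posixpath.join(base, unified))
    # Compare against base + '/' so a sibling such as '/opt/srs/dumps2'
    # does not pass a plain prefix match.
    if not candidate.startswith(base + "/"):
        raise PathRejected("outside base directory")
    # Lexical check only: a real deployment should also resolve symlinks
    # (os.path.realpath) before the containment test.
    return candidate


def is_allowed(user_path: str, base_dir: str = BASE) -> bool:
    try:
        confine(user_path, base_dir)
        return True
    except PathRejected:
        return False


if __name__ == "__main__":
    for p in PAGE_EXAMPLES + ["dump.txt", "logs/rs.log"]:
        print(f"{p!r:24} allowed={is_allowed(p)}")
```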


Environment

  • SAP Replication Server (SRS) 16.0

Product

SAP Replication Server 16.0

Keywords

file path traversal violation, SRS security enhancement, KBA, BC-SYB-REP, Sybase Replication Server (standalone), BC-SYB-REP-HET, Replication Server Heterogeneous Edition (RSHE), BC-SYB-REP-RTL, Rep Server Real-Time Loading Edition (RTLE), BC-SYB-REP-RSO, Rep Server Options (RSO), BC-SYB-REP-ME, Replication Server Messaging Edition (RSME), Product Enhancement