Skip to Content
Former Member
Jan 28, 2008 at 10:45 PM

IGS watchdog process doesnt startup



we are making a security test to our SAP system, and we are encountering

problems with IGS watchdog, which is not starting up.

It worked well until we tried to exploit the vulnerability exposed on

the CVE-2006-4133:

"Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40

and earlier, and 7.00 and earlier, allows remote attackers to cause a

denial of service (crash) or execute arbitrary code via an HTTP request

with an ADM:GETLOGFILE command and a long portwatcher argument, which

triggers the overflow during error message construction when the

_snprintf function returns a negative value that is used in a memcpy


After sending a packet with a long value, our igs service crashed. This

is the expected result, but after rebooting the server, the igs watchdog

service doesn't startup.

After that, we have process the syslog entries that we have at the

SAPMMC, and we have encountered errors at the database. The error is

8115 and seems to be related to an arithmetic overflow. We believe that

its a consequence of the proof of concept that we have done.

Can anybody help us?

Lots of thanks and best regards.