Skip to Content

Vulnerability in EPS_DELETE_FILE RFC function

Hi people,

I´m trying to understand the vulnerability rose in the last BlackHat but I think I´m not getting the point so I would like to ask to you what I´m missing.

As far as I understand, in case you have a user with access to FM EPS_DELETE_FILE or in case you are able to use TMSADM or SAPCPIC (because you know the password of them) you can delete files in any place where SAP (that is, sidadm) can access with proper rights.

If this is the vulnerability then I don´t understand it because in any case defined previously you can execute the FM and in its initial screen you can select any directory you want (DIR_NAME). So from my point of view, the problem is if you give access to that FM to someone undesirable but this is a different (role) problem.

So, because for sure is not so simple as I wrote before, means that I´m not undestanding something (or anything at all!). What am I missing??



Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Best Answer
    Posted on Sep 05, 2011 at 01:28 PM

    Take a look to OSS note 1497003.

    Edited by: Arseni Gallardo on Sep 5, 2011 3:29 PM

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.