Exploiting Inter-Process Communication in SAP’s HTTP Server
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore a critical security presentation from Ekoparty 2022 that unveils exploitable vulnerabilities in SAP's HTTP Server. Delve into the details of two memory corruption vulnerabilities (CVE-2022-22536 and CVE-2022-22532) discovered in the Internet Communication Manager (ICM), a core component handling HTTP requests for SAP deployments. Learn how these remotely exploitable flaws could be leveraged by unauthenticated attackers to compromise SAP installations worldwide. Gain insights into high-level protocol exploitation techniques and their potential impact on 90% of Fortune 500 companies relying on SAP software. Presented by Martin Doyhenard, a security researcher from Onapsis Research Labs, this talk offers valuable knowledge on Web stack security, reverse engineering, and binary analysis in the context of ERP systems.
Syllabus
Martin Doyhenard - Exploiting Inter-Process Communication in SAP’s HTTP Server - Ekoparty 2022
Taught by
Ekoparty Security Conference
Related Courses
Case Studies in Embedded VR - Silvio Cesare - Ekoparty Security Conference - 2022Ekoparty Security Conference via YouTube The Making of an Aerospace Village Badge - Dan Allen - Ekoparty 2021: Patagon Aerospace
Ekoparty Security Conference via YouTube IIoT, Data Infrastructure, Smart Factory - Sarka Pekarova - Ekoparty 2021: OT - IIOT - IOT Space
Ekoparty Security Conference via YouTube Gotham City- SSH from Zero to Trust - Lucas Calisi - Ekoparty Security Conference - 2021
Ekoparty Security Conference via YouTube Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Ekoparty Security Conference via YouTube