YoVDO

Exploiting Inter-Process Communication in SAP’s HTTP Server

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Reverse Engineering Courses Inter-Process Communication Courses Binary Analysis Courses SAP Security Courses

Course Description

Overview

Explore a critical security presentation from Ekoparty 2022 that unveils exploitable vulnerabilities in SAP's HTTP Server. Delve into the details of two memory corruption vulnerabilities (CVE-2022-22536 and CVE-2022-22532) discovered in the Internet Communication Manager (ICM), a core component handling HTTP requests for SAP deployments. Learn how these remotely exploitable flaws could be leveraged by unauthenticated attackers to compromise SAP installations worldwide. Gain insights into high-level protocol exploitation techniques and their potential impact on 90% of Fortune 500 companies relying on SAP software. Presented by Martin Doyhenard, a security researcher from Onapsis Research Labs, this talk offers valuable knowledge on Web stack security, reverse engineering, and binary analysis in the context of ERP systems.

Syllabus

Martin Doyhenard - Exploiting Inter-Process Communication in SAP’s HTTP Server - Ekoparty 2022


Taught by

Ekoparty Security Conference

Related Courses

Introduction to Operating Systems
Georgia Institute of Technology via Udacity
Secure Software Development: Implementation
Linux Foundation via edX
Electron From Scratch: Build Desktop Apps With JavaScript
Udemy
Chrome University
Google via YouTube
KARONTE - Detecting Insecure Multi-Binary Interactions in Embedded Firmware
IEEE via YouTube