Exploiting Inter-Process Communication in SAP’s HTTP Server
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore a critical security presentation from Ekoparty 2022 that unveils exploitable vulnerabilities in SAP's HTTP Server. Delve into the details of two memory corruption vulnerabilities (CVE-2022-22536 and CVE-2022-22532) discovered in the Internet Communication Manager (ICM), a core component handling HTTP requests for SAP deployments. Learn how these remotely exploitable flaws could be leveraged by unauthenticated attackers to compromise SAP installations worldwide. Gain insights into high-level protocol exploitation techniques and their potential impact on 90% of Fortune 500 companies relying on SAP software. Presented by Martin Doyhenard, a security researcher from Onapsis Research Labs, this talk offers valuable knowledge on Web stack security, reverse engineering, and binary analysis in the context of ERP systems.
Syllabus
Martin Doyhenard - Exploiting Inter-Process Communication in SAP’s HTTP Server - Ekoparty 2022
Taught by
Ekoparty Security Conference
Related Courses
Dal Reverse engineering alla stampa 3DUniversity of Naples Federico II via Federica Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam Generative Design for Industrial Applications
Autodesk via Coursera Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam