Exploiting Inter-Process Communication in SAP’s HTTP Server
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore a critical security presentation from Ekoparty 2022 that unveils exploitable vulnerabilities in SAP's HTTP Server. Delve into the details of two memory corruption vulnerabilities (CVE-2022-22536 and CVE-2022-22532) discovered in the Internet Communication Manager (ICM), a core component handling HTTP requests for SAP deployments. Learn how these remotely exploitable flaws could be leveraged by unauthenticated attackers to compromise SAP installations worldwide. Gain insights into high-level protocol exploitation techniques and their potential impact on 90% of Fortune 500 companies relying on SAP software. Presented by Martin Doyhenard, a security researcher from Onapsis Research Labs, this talk offers valuable knowledge on Web stack security, reverse engineering, and binary analysis in the context of ERP systems.
Syllabus
Martin Doyhenard - Exploiting Inter-Process Communication in SAP’s HTTP Server - Ekoparty 2022
Taught by
Ekoparty Security Conference
Related Courses
Introduction to Operating SystemsGeorgia Institute of Technology via Udacity Secure Software Development: Implementation
Linux Foundation via edX Electron From Scratch: Build Desktop Apps With JavaScript
Udemy Chrome University
Google via YouTube KARONTE - Detecting Insecure Multi-Binary Interactions in Embedded Firmware
IEEE via YouTube