PT-2011-47: Denial of Service in SAP Vulnerable softwareSAPApplication link: http://www.sap.com Severity levelSeverity level: Medium Impact: Denial of Service Access Vector: Network exploitable CVSS v2: Base Score: 4.3 Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)CVE: not assignVulnerability descriptionThe specialists of the Positive Research center have detected "Denial of Service" vulnerability in SAP.A vulnerability has been reported in the SAP DIAG protocol parser, which can be exploited by attackers to cause a denial of service.How to fixUpdate your software up to the latest versionAdvisory status02.12.11 - Vendor is notified 02.12.11 - Vendor gets vulnerability details 08.05.12 - Vendor releases fixed version and details 08.08.12 - Public disclosureCreditsThe vulnerability was discovered by Vladimir Zarichny, Positive Research Center (Positive Technologies Company)Referenceshttp://en.securitylab.ru/lab/PT-2011-47 https://service.sap.com/sap/support/notes/1687910 Reports on the vulnerabilities previously discovered by Positive Research:http://ptsecurity.com/research/advisory/ http://en.securitylab.ru/lab/