SAP R/3 Web Application root compromise


Author: JT Smith

“The Web Application Server demo for Linux contains the program
saposcol that is setuid root. Due to improper usage of popen(3) it may
be possible for local users to gain unauthorized root access.” Full details at Help Net Security.


  • Linux