Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exploiting Inter-Process Communication in SAP’s HTTP Server

Ekoparty Security Conference via YouTube

Overview

Explore a critical security presentation from Ekoparty 2022 that unveils exploitable vulnerabilities in SAP's HTTP Server. Delve into the details of two memory corruption vulnerabilities (CVE-2022-22536 and CVE-2022-22532) discovered in the Internet Communication Manager (ICM), a core component handling HTTP requests for SAP deployments. Learn how these remotely exploitable flaws could be leveraged by unauthenticated attackers to compromise SAP installations worldwide. Gain insights into high-level protocol exploitation techniques and their potential impact on 90% of Fortune 500 companies relying on SAP software. Presented by Martin Doyhenard, a security researcher from Onapsis Research Labs, this talk offers valuable knowledge on Web stack security, reverse engineering, and binary analysis in the context of ERP systems.

Syllabus

Martin Doyhenard - Exploiting Inter-Process Communication in SAP’s HTTP Server - Ekoparty 2022

Taught by

Ekoparty Security Conference

Reviews

Start your review of Exploiting Inter-Process Communication in SAP’s HTTP Server

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.