Slashdot Mirror

← Back to Stories (view on slashdot.org)

Scores of Vulnerable SAP Deployments Uncovered

Posted by Unknown on Monday June 17, 2013 @02:02PM from the double-your-paycheck dept.

mask.of.sanity writes "Hundreds of organizations have been detected running dangerously vulnerable versions of SAP that were more than seven years old and thousands more have placed their critical data at risk by exposing SAP applications to the public Internet. The new research found the SAP services were inadvertently made accessible thanks to a common misconception that SAP systems were not publicly-facing and remotely-accessible. The SAP services contained dangerous vulnerabilities which were since patched by the vendor but had not been applied."

2 of 118 comments (clear)

Min score:

Reason:

Sort:

Re:I can explain by Flere+Imsaho · 2013-06-17 15:01 · Score: 5, Funny

SAP - Send Another Payment, or, Sucks All Profit

--
It gripped her hand gently. 'Regret is for humans,' it said.
Re:I can explain by Anonymous Coward · 2013-06-17 15:12 · Score: 5, Funny

Chuckle. I used to work at a place that gave all their database stuff to a SAP outside vendor, all their letters and form documents.
One of the people who did interviewing later wanted one of his standard letters -- emailed as a PDF routinely -- to have yellow hilighting applied to an important sentence. He asked the vendor to make that change.
The vendor came back with a proposed work order for six hours of programmer time at $200/hour to make that change.
(My coworker printed that page, got a hilighter, hilighted the text, scanned it, and emailed that image thereafter.)