Owning SAP ASE: Chained Database Attack

  • Thursday, April 23, 2015 | 8:00 AM – 8:50 AM | West | Room: 3018

View all Sessions

A few vulnerabilities chained together will allow anyone with a network connection to a database server, to get complete control over it. We will go over a specific example using SAP ASE 15.7 and 16.0 as targets. Advanced vulnerabilities will be shown. Following application development best practices is not enough. DBAs must keep databases patched, deploy only required functionality and perform frequent audits.


This document was retrieved from on Sun, 23 Oct 2016 02:07:19 -0400.
© 2016 EMC Corporation. All rights reserved.