[<prev] [next>] [day] [month] [year] [list]
Message-ID: <003601c73030$2baf2310$0a00a8c0@MyBabies>
Date: Thu, 4 Jan 2007 18:43:03 -0000
From: "Mark Litchfield" <mark@...bery.com>
To: <bugtraq@...urityfocus.com>
Subject: SAP Security Contact
I do not like to bother this mailing list with such requests, but as you
will see from below (SAP's response), I feel this is a last resort. I have
also phoned SAP leaving a voice mail but with no success.
So if anyone can assist with a contact email address at SAP, ideally an
individual, this would be greatly appreciated.
Thanks in advance for any help.
Cheers
Mark
--------------------------------------------------------------------------------
From: SAP [mailto:webmaster@....com]
Sent: Thu 1/4/2007 3:16 PM
To: Mark Litchfield
Subject: Re: General Enquiry (KMM3303039I24953L0KM)
Mark
Thank you for your interest in SAP. You will need to send your request
directly to our headquarters location in writing.
Here is the headquarters address.
SAP Americas
3999 West Chester Pike
Newtown Square, Pa 19073
Original Message Follows: ------------------------
InfoRequest - General Enquiry
Your Message
I am contacting SAP about:
General inquiry
Dear Sir / Madam,
I am conducting vulnerabvility research into SAP and the various components
that make up SAP. So far my research has found 8 security vulnerabilities,
some of which allow an attcker to execute code remotely on the SAP server as
SYSTEM without the need for authentication.
I am looking for if possible, a security contact within SAP that I may share
my findings with so the necessary code fixes can be put in place to prevent
these issues.
Any assistance you could offer would be greatly appreciated.
Best Regards
Mark Litchfield
www.ngssoftware.com
Powered by blists - more mailing lists